www.oferlo.com.ua Open in urlscan Pro
2a00:1298:801f::b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://oferlo.com.ua/
Effective URL:
https://www.oferlo.com.ua/
Submission: On October 19 via api (October 19th 2022, 6:34:54 am UTC) from GB — Scanned from GB

Summary HTTP 155 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 31 IPs in 6 countries across 19 domains to perform 155 HTTP transactions. The main IP is 2a00:1298:801f::b, located in Slovakia and belongs to AS-BENESTRA Bratislava, Slovak Republic, SK. The main domain is www.oferlo.com.ua.
TLS certificate: Issued by R3 on September 22nd 2022. Valid for: 3 months.

This is the only time www.oferlo.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 22	2a00:1298:801... 2a00:1298:801f::b	5578 (AS-BENEST...) (AS-BENESTRA Bratislava)
16	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
35	2606:4700:20:... 2606:4700:20::681a:364	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1b::9c	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 15	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
3 6	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.89.210.20 185.89.210.20	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	34.248.3.167 34.248.3.167	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
3	2600:9000:223... 2600:9000:223f:ca00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
9	2600:1f18:1ac... 2600:1f18:1aca:4281:55a3:e8f2:eec4:5c99	14618 (AMAZON-AES) (AMAZON-AES)
2	2607:f8b0:400... 2607:f8b0:400c:c38::78	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:24::6	15169 (GOOGLE) (GOOGLE)
155	31

22 2a00:1298:801f::b (Slovakia) 1 redirects

ASN5578 (AS-BENESTRA Bratislava, Slovak Republic, SK)

oferlo.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.oferlo.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2606:4700:20::681a:364 (United States)

ASN13335 (CLOUDFLARENET, US)

eu001.leafletscdns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.16.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.20 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.248.3.167 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-3-167.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223f:ca00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:1f18:1aca:4281:55a3:e8f2:eec4:5c99 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400c:c38::78 (Charleston, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

redirector.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:24::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r1---sn-4g5edndr.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	leafletscdns.com eu001.leafletscdns.com — Cisco Umbrella Rank: 438709	96 KB
31	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 147	476 KB
22	oferlo.com.ua 1 redirects oferlo.com.ua www.oferlo.com.ua	203 KB
14	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 794 static.adsafeprotected.com — Cisco Umbrella Rank: 594 dt.adsafeprotected.com — Cisco Umbrella Rank: 546	98 KB
14	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 stats.g.doubleclick.net — Cisco Umbrella Rank: 84 cm.g.doubleclick.net — Cisco Umbrella Rank: 215 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 317	104 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	116 KB
6	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 273	839 KB
6	google.com accounts.google.com — Cisco Umbrella Rank: 83 adservice.google.com — Cisco Umbrella Rank: 78 www.google.com — Cisco Umbrella Rank: 2	78 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 542	3 KB
4	google.de adservice.google.de — Cisco Umbrella Rank: 8724 www.google.de — Cisco Umbrella Rank: 6045	1 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 232	3 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44	3 KB
2	gvt1.com 1 redirects redirector.gvt1.com — Cisco Umbrella Rank: 3385 r1---sn-4g5edndr.gvt1.com	1 MB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 193	93 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	203 B
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 131 partner.googleadservices.com — Cisco Umbrella Rank: 888	16 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	111 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	20 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	57 KB
155	19

	Domain	Requested by
35	eu001.leafletscdns.com	www.oferlo.com.ua
21	www.oferlo.com.ua	www.oferlo.com.ua
16	pagead2.googlesyndication.com	www.oferlo.com.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
15	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com
9	dt.adsafeprotected.com	googleads.g.doubleclick.net
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.googleadservices.com googleads.g.doubleclick.net
6	s0.2mdn.net	www.oferlo.com.ua s0.2mdn.net
5	www.gstatic.com	googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
3	static.adsafeprotected.com	fw.adsafeprotected.com googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.google.com	www.oferlo.com.ua tpc.googlesyndication.com
3	fonts.googleapis.com	www.oferlo.com.ua googleads.g.doubleclick.net
2	csi.gstatic.com	www.gstatic.com
2	googleads4.g.doubleclick.net	www.oferlo.com.ua
2	fw.adsafeprotected.com	1 redirects www.oferlo.com.ua
2	www.googletagservices.com	googleads.g.doubleclick.net
2	www.facebook.com	www.oferlo.com.ua
2	www.google.de	www.oferlo.com.ua
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	connect.facebook.net	www.oferlo.com.ua connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	r1---sn-4g5edndr.gvt1.com	googleads.g.doubleclick.net
1	redirector.gvt1.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.googletagmanager.com	www.oferlo.com.ua
1	accounts.google.com	www.oferlo.com.ua
1	oferlo.com.ua	1 redirects
155	33

This site contains links to these domains. Also see Links.

Domain
d34seexzbffcio.cloudfront.net
www.oferlo.ae
www.broshurko.bg
www.fylladiomat.gr
www.letkomat.hr
www.oferlo.id
www.oferlo.in
www.saishinchirashi.jp
www.oferlo.kr
www.catalomat.ro
www.letakonosa.si
www.kataloglar.com.tr

Subject Issuer	Validity	Valid
oferlo.com.ua R3	`2022-09-22` - `2022-12-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-09-03` - `2023-09-03`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-28` - `2022-10-26`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2022-04-10` - `2023-05-08`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://www.oferlo.com.ua/
Frame ID: CEC19E856D3A431AD05799040FC7164B
Requests: 88 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221017/r20190131/zrt_lookup.html
Frame ID: 18C4E952A1995BC22B1CE9FE403ADBE2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&adk=1812271804&adf=3025194257&lmt=1666161286&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666161286227&bpp=4&bdt=390&idt=429&shv=r20221017&mjsv=m202210120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=543909112797&frm=20&pv=2&ga_vid=159357337.1666161287&ga_sid=1666161287&ga_hid=2086608127&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31069178%2C31070367%2C31070385%2C31068919&oid=2&pvsid=3284389028113511&tmod=1231347606&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=457
Frame ID: 29E2646B5BF61BBFF992E6D19B47FFBD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=6019623105&adk=760889125&adf=1610234907&pi=t.ma~as.6019623105&w=300&fwrn=4&fwrnh=100&lmt=1666161286&rafmt=12&format=300x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rh=600&rw=300&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666161286270&bpp=2&bdt=434&idt=441&shv=r20221017&mjsv=m202210120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=543909112797&frm=20&pv=1&ga_vid=159357337.1666161287&ga_sid=1666161287&ga_hid=2086608127&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31069178%2C31070367%2C31070385%2C31068919&oid=2&pvsid=3284389028113511&tmod=1231347606&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Co81CKHke9&p=https%3A//www.oferlo.com.ua&dtd=448
Frame ID: 77007359DF20765090F58D324152D8EB
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvOfRCrlZYBGLjAvdUBMAE&v=APEucNUF45MNeAPmIGNhWLSK0euP8q0UKhun3aPJcPFUFLVfH51cV399QqnujDYEgdzpNDv1bxyRBKukBFzN_LsaFJBRl9PL-3GK11fWoekfyqtdNQmf0DSlmOd6tSfH-V0nanSiRW9z4gEidty4o-WO6goVqcOTbboDrvRN8dW8gySJVyiK0aY
Frame ID: BF699AF367BA67B44FC5598FDE93F5A6
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E04BF71E6EFCF2D2EDF7E870332FFEF3
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9852978551050334301/index.html?e=69&leftOffset=0&topOffset=0&c=XcPQ9vDq7O&t=1&renderingType=2&ev=01_247
Frame ID: F6FC1796356657D5627E9DC5BFC5BD63
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/zrt_lookup.html?fsb=1
Frame ID: 80DF41FD073C6D1FEBB02B6C36A1918F
Requests: 5 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 5262F670FF95151C9B6FBB60FD84172C
Requests: 1 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/cc2fa6f05f6b7ab36f626f2501931c3a.js?tag=client_fast_engine_2019
Frame ID: C5BC2068E1D94456E6D75450E4786D13
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js
Frame ID: 955DA4121A91B4CB40B411E10296C034
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js
Frame ID: 0E0322D42E8340E42EEE58D547BD9DA9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0C17E12B4B6C72063730A10D3BDC9E40
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 14EE4311CC78FD3C970DBE587051E2B9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Останні акції, каталоги та знижки | OFERLO

Page URL History Show full URLs

http://oferlo.com.ua/ HTTP 301
https://www.oferlo.com.ua/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

<meta[^>]*google-signin-client_id
<meta[^>]*google-signin-scope
accounts\.google\.com/gsi/client

Yii (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

/yii\.(?:validation|activeForm)\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Twitter typeahead.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:typeahead|bloodhound)\.(?:jquery|bundle)?(?:\.min)?\.js

Page Statistics

155
Requests

95 %
HTTPS

84 %
IPv6

19
Domains

33
Subdomains

31
IPs

6
Countries

3731 kB
Transfer

6330 kB
Size

18
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://d34seexzbffcio.cloudfront.net/a94464aff8a69ba3b7b48aee44397d866191662a65485.pdf
Title: умовами використання

Search URL Search Domain Scan URL

URL: https://d34seexzbffcio.cloudfront.net/e6f686054460106d095f70d30bb88552617a4484914ea.pdf
Title: обробкою персональних даних

Search URL Search Domain Scan URL

URL: https://www.oferlo.ae/
Title: United Arab Emirates

Search URL Search Domain Scan URL

URL: https://www.broshurko.bg/
Title: България

Search URL Search Domain Scan URL

URL: https://www.fylladiomat.gr/
Title: Ελλάδα

Search URL Search Domain Scan URL

URL: https://www.letkomat.hr/
Title: Hrvatska

Search URL Search Domain Scan URL

URL: https://www.oferlo.id/
Title: Indonesia

Search URL Search Domain Scan URL

URL: https://www.oferlo.in/
Title: India

Search URL Search Domain Scan URL

URL: https://www.saishinchirashi.jp/
Title: 日本

Search URL Search Domain Scan URL

URL: https://www.oferlo.kr/
Title: 한국

Search URL Search Domain Scan URL

URL: https://www.catalomat.ro/
Title: România

Search URL Search Domain Scan URL

URL: https://www.letakonosa.si/
Title: Slovenija

Search URL Search Domain Scan URL

URL: https://www.kataloglar.com.tr/
Title: Türkiye

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://oferlo.com.ua/ HTTP 301
https://www.oferlo.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoZTEiSngiKUfjN8WD-cTs&google_cver=1

Request Chain 57

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y0.ah5149MUuva2MKWlBtgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELmhgqAWYGwGEze238PRmqc&google_cver=1&google_hm=2

Request Chain 58

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGTOKQBrrxUEjrDjqMX4cII&google_cver=1

Request Chain 59

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ2MTM4MzQ4NjU2MzkyMTMxNA%3D%3D

Request Chain 87

https://fw.adsafeprotected.com/rfw/st/1210663/66362802/skeleton.js?ias_dspID=3&ias_campId=1009183564&ias_pubId=pub-1447540957213601&ias_chanId=1&ias_placementId=18583666738&bidurl=https://www.oferlo.com.ua/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jLToYLz1G_7BA4NVhoGvE8&adsafe_url=https%3A%2F%2Fwww.oferlo.com.ua&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.oferlo.com.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-1447540957213601%26output%3Dhtml%26h%3D600%26slotname%3D6019623105%26adk%3D760889125%26adf%3D1610234907%26pi%3Dt.ma~as.6019623105%26w%3D300%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1666161286%26rafmt%3D12%26format%3D300x600%26url%3Dhttps%253A%252F%252Fwww.oferlo.com.ua%252F%26fwr%3D0%26fwrattr%3Dtrue%26rh%3D600%26rw%3D300%26sfro%3D1%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1666161286270%26bpp%3D2%26bdt%3D434%26idt%3D441%26shv%3Dr20221017%26mjsv%3Dm202210120101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D543909112797%26frm%3D20%26pv%3D1%26ga_vid%3D159357337.1666161287%26ga_sid%3D1666161287%26ga_hid%3D2086608127%26ga_fc%3D0%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1245%26ady%3D167%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C42531706%252C31069178%252C31070367%252C31070385%252C31068919%26oid%3D2%26pvsid%3D3284389028113511%26tmod%3D1231347606%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CaeE%257C%26abl%3DCA%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26xpc%3DCo81CKHke9%26p%3Dhttps%253A%2F%2Fwww.oferlo.com.ua%26dtd%3D448&adsafe_type=d&adsafe_jsinfo=,id:e4761146-f845-c0b7-84b2-0f0d28fb760b,c:rt8l9y,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5b58464db-vxbkd,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:298,mot:0,app:0,maw:0,fm:tkGKXQF+11%7C12%7C13*.1210663-66362802%7C131%7C1321%7C133%7C14,idMap:13*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:311,oid:2071ebbb-4f78-11ed-ab30-7a6bcb2e9910,v:19.8.358,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 126

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCXsMjb_gEQ3AYYwgMyCJoYbogAFYW3 HTTP 301
https://tpc.googlesyndication.com/simgad/14005133618456074320

Request Chain 128

https://redirector.gvt1.com/videoplayback?id=f6898d4affc36e27&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1666168487&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=15DFAB81DC26774EBA6F167DBD8CB731A5D880FD.3D0B4E28A2516760D4D6D11F18224D49254D4696&key=ck2 HTTP 302
https://r1---sn-4g5edndr.gvt1.com/videoplayback?id=f6898d4affc36e27&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1666168487&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=5E17A84898180F04CDB35E3CF3BBF8B2BCAB4162.48727ACEBA84F2FBE48001473E0D14C2219C4FC8&key=cms1&cms_redirect=yes&mh=B4&mip=2a01:4a0:2c::8&mm=28&mn=sn-4g5edndr&ms=nvh&mt=1666160634&mv=u&mvi=1&pl=29

155 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.oferlo.com.ua/
Redirect Chain

http://oferlo.com.ua/
https://www.oferlo.com.ua/

125 KB
35 KB

463ms
68ms

Document
text/html

2a00:1298:801f::b
AS-BENESTRA Brati...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oferlo.com.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a00:1298:801f::b , Slovakia, ASN5578 (AS-BENESTRA Bratislava, Slovak Republic, SK),

Reverse DNS

Software

nginx / Hyperia

Resource Hash

8deb39369e6d0f8e8673167efaa73bc4ef9759ba4a5432ab5fa362d0c9b11ca4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Wed, 19 Oct 2022 06:34:45 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
report-to: []
server: nginx
strict-transport-security: max-age=10; includeSubDomains
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-powered-by: Hyperia
x-proxy-cache: HIT
x-proxy-cache-type: nl30m
x-proxy-date: Wed, 19 Oct 2022 06:34:44 GMT
x-proxy-date-now: Wednesday, 19-Oct-2022 06:34:45 GMT
x-upstream-backend: letakomat-ams-w016
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Wed, 19 Oct 2022 06:34:45 GMT
Location: https://www.oferlo.com.ua/
Server: nginx

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 167 KB
54 KB 218ms
93ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

faeec4e3b4ba98ac2d70cdfd029889c56351af467d0785ee0e5af1f88ae12fa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55138
x-xss-protection: 0
server: cafe
etag: 15850817083133596579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 19 Oct 2022 06:34:46 GMT

GET
H2 200 client Show response
accounts.google.com/gsi/ 190 KB
76 KB 254ms
128ms Script
application/javascript 2a00:1450:4001:809::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8c4930584b07df39cc843c3f2c763d1f2a7caeef0089dc94b7074cdabf95f86a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-E0Qunc5ksUFdmH4wwktA-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:46 GMT
content-security-policy: script-src 'report-sample' 'nonce-E0Qunc5ksUFdmH4wwktA-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Wed, 19 Oct 2022 06:34:46 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 181ms
64ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;700&display=swap

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0f2cca7784269c376cea0c66fa206e809162035f87759bd0d44d171dda8053b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 19 Oct 2022 06:34:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 19 Oct 2022 06:34:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Oct 2022 06:34:46 GMT

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1fb1e346384232cb17d28002913baaafc0572382bae5aec82b0dca887f16f42

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 external.min.js Show response
www.oferlo.com.ua/js/joined/ 138 KB
52 KB 76ms
75ms Script
application/javascript 2a00:1298:801f::b
AS-BENESTRA Brati...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oferlo.com.ua/js/joined/external.min.js?t=4f35792ce4fe6f4c5dde4c25919ef21d
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a00:1298:801f::b , Slovakia, ASN5578 (AS-BENESTRA Bratislava, Slovak Republic, SK),
Reverse DNS
Software: nginx /
Resource Hash: b27ec02228acc9cf5522b6945e933546f012a07832adb3a9c34c1c9f83375b0f

Request headers

Referer: https://www.oferlo.com.ua/
Origin: https://www.oferlo.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Wed, 19 Oct 2022 06:34:45 GMT
content-encoding: gzip
x-proxy-date: Wed, 19 Oct 2022 06:32:29 GMT
last-modified: Mon, 17 Oct 2022 08:17:47 GMT
server: nginx
expires: 31556926
etag: "634d0fab-cf0e"
x-from-origin: true
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Wednesday, 19-Oct-2022 06:34:45 GMT
content-length: 53006
x-proxy-cache: HIT

GET
H2 200 common_co.min.js Show response
www.oferlo.com.ua/js/joined/ 49 KB
17 KB 142ms
141ms Script
application/javascript 2a00:1298:801f::b
AS-BENESTRA Brati...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oferlo.com.ua/js/joined/common_co.min.js?t=550045727028aabcb4dff82b79fa2a70
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a00:1298:801f::b , Slovakia, ASN5578 (AS-BENESTRA Bratislava, Slovak Republic, SK),
Reverse DNS
Software: nginx /
Resource Hash: 41776392d13d8322de922768ec039f1743ec99d48eec5c0563373de1be04873a

Request headers

Referer: https://www.oferlo.com.ua/
Origin: https://www.oferlo.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Wed, 19 Oct 2022 06:34:45 GMT
content-encoding: gzip
x-proxy-date: Wed, 19 Oct 2022 06:32:30 GMT
last-modified: Mon, 17 Oct 2022 08:17:47 GMT
server: nginx
expires: 31556926
etag: "634d0fab-42e1"
x-from-origin: true
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Wednesday, 19-Oct-2022 06:34:45 GMT
content-length: 17121
x-proxy-cache: HIT

GET
H2 200 homepage.min.js Show response
www.oferlo.com.ua/js/joined/ 24 KB
8 KB 189ms
188ms Script
application/javascript 2a00:1298:801f::b
AS-BENESTRA Brati...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oferlo.com.ua/js/joined/homepage.min.js?t=7647686cc03ff61fd1b08586164b370e
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a00:1298:801f::b , Slovakia, ASN5578 (AS-BENESTRA Bratislava, Slovak Republic, SK),
Reverse DNS
Software: nginx /
Resource Hash: d31d8222427bde0244a26ac095720265d209e54e909b588e08671f3ee1485584

Request headers

Referer: https://www.oferlo.com.ua/
Origin: https://www.oferlo.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Wed, 19 Oct 2022 06:34:46 GMT
content-encoding: gzip
x-proxy-date: Wed, 19 Oct 2022 06:34:46 GMT
last-modified: Mon, 17 Oct 2022 08:17:47 GMT
server: nginx
expires: 31556926
etag: "634d0fab-202a"
x-from-origin: true
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Wednesday, 19-Oct-2022 06:34:46 GMT
content-length: 8234
x-proxy-cache: MISS

GET
H2 200 typeahead.bundle.min.js Show response
www.oferlo.com.ua/js/ 38 KB
13 KB 142ms
142ms Script
application/javascript 2a00:1298:801f::b
AS-BENESTRA Brati...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oferlo.com.ua/js/typeahead.bundle.min.js?t=f4074b8d81f6b5bd6e300daf67f5dab4
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a00:1298:801f::b , Slovakia, ASN5578 (AS-BENESTRA Bratislava, Slovak Republic, SK),
Reverse DNS
Software: nginx /
Resource Hash: 554142442a88e37f22023be8dc7347d530ec721e3571ac676c28a312d01c5334

Request headers

Referer: https://www.oferlo.com.ua/
Origin: https://www.oferlo.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Wed, 19 Oct 2022 06:34:45 GMT
content-encoding: gzip
x-proxy-date: Wed, 19 Oct 2022 06:32:30 GMT
last-modified: Mon, 17 Oct 2022 08:17:47 GMT
server: nginx
expires: 31556926
etag: "634d0fab-33fe"
x-from-origin: true
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Wednesday, 19-Oct-2022 06:34:45 GMT
content-length: 13310
x-proxy-cache: HIT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwkxduz8A.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 7 KB
8 KB 173ms
56ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwkxduz8A.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77bded4f6447cc93370a65d50e1b1811e81e032aefd45d0acc952ceec49260c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.oferlo.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 20:10:08 GMT
x-content-type-options: nosniff
age: 555878
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7360
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Oct 2023 20:10:08 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qPK7lqDY.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 7 KB
7 KB 178ms
62ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qPK7lqDY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0acd59e18ef9ca4f55b04271a6121d58e6f7044ea91395054dd52d5caf2a7a55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.oferlo.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 19:35:19 GMT
x-content-type-options: nosniff
age: 557967
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7448
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:14:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Oct 2023 19:35:19 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 223ms
112ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.oferlo.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 16:24:40 GMT
x-content-type-options: nosniff
age: 51006
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Oct 2023 16:24:40 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 180ms
71ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.oferlo.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 19:25:00 GMT
x-content-type-options: nosniff
age: 558586
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12924
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Oct 2023 19:25:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 150 KB
57 KB 187ms
69ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PRQV9D6

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/js/joined/common_co.min.js?t=550045727028aabcb4dff82b79fa2a70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3103aae1122233d060f45c8743b9e23cbc32818a85948ae3abdc662ced54c171

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58053
x-xss-protection: 0
last-modified: Wed, 19 Oct 2022 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 19 Oct 2022 06:34:46 GMT

GET
H2 200 fontello.css
www.oferlo.com.ua/fonts/fontello/css/ 4 KB
2 KB 73ms
72ms Stylesheet
text/css 2a00:1298:801f::b
AS-BENESTRA Brati...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oferlo.com.ua/fonts/fontello/css/fontello.css?t=a95d4e49d1408aabd42234f8161dd98f
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a00:1298:801f::b , Slovakia, ASN5578 (AS-BENESTRA Bratislava, Slovak Republic, SK),
Reverse DNS
Software: nginx /
Resource Hash: 259b67aae500877eceb2ab41928696ff03aa65b25cfd298f668030b87db493cc

Request headers

Referer: https://www.oferlo.com.ua/
Origin: https://www.oferlo.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Wed, 19 Oct 2022 06:34:46 GMT
content-encoding: gzip
x-proxy-date: Wed, 19 Oct 2022 06:34:40 GMT
last-modified: Mon, 17 Oct 2022 08:16:24 GMT
server: nginx
expires: 31556926
etag: W/"634d0f58-10ed"
x-from-origin: true
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Wednesday, 19-Oct-2022 06:34:46 GMT
x-proxy-cache: HIT

GET
H2 200 global.css
www.oferlo.com.ua/css/ 92 KB
21 KB 74ms
73ms Stylesheet
text/css 2a00:1298:801f::b
AS-BENESTRA Brati...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oferlo.com.ua/css/global.css?t=58f64e08fec409c274668ee9dcafda2c
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a00:1298:801f::b , Slovakia, ASN5578 (AS-BENESTRA Bratislava, Slovak Republic, SK),
Reverse DNS
Software: nginx /
Resource Hash: e91e4f767982a21e6240cf9f0631053ac63cce60efca9b4948facf64373619ec

Request headers

Referer: https://www.oferlo.com.ua/
Origin: https://www.oferlo.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Wed, 19 Oct 2022 06:34:46 GMT
content-encoding: gzip
x-proxy-date: Wed, 19 Oct 2022 06:34:40 GMT
last-modified: Mon, 17 Oct 2022 08:17:46 GMT
server: nginx
expires: 31556926
etag: W/"634d0faa-171af"
x-from-origin: true
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Wednesday, 19-Oct-2022 06:34:46 GMT
x-proxy-cache: HIT

GET
H2 200 homepage.css
www.oferlo.com.ua/css/ 10 KB
3 KB 202ms
201ms Stylesheet
text/css 2a00:1298:801f::b
AS-BENESTRA Brati...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oferlo.com.ua/css/homepage.css?t=27121f8b02c2c8e174123725e84bfc34
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a00:1298:801f::b , Slovakia, ASN5578 (AS-BENESTRA Bratislava, Slovak Republic, SK),
Reverse DNS
Software: nginx /
Resource Hash: 681edf17a7cf0e80c5117629eec2531bf0bfd77ec9f9a8308a1bc2edac88a275

Request headers

Referer: https://www.oferlo.com.ua/
Origin: https://www.oferlo.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Wed, 19 Oct 2022 06:34:46 GMT
content-encoding: gzip
x-proxy-date: Wed, 19 Oct 2022 06:34:46 GMT
last-modified: Mon, 17 Oct 2022 08:17:45 GMT
server: nginx
expires: 31556926
etag: W/"634d0fa9-2932"
x-from-origin: true
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Wednesday, 19-Oct-2022 06:34:46 GMT
x-proxy-cache: MISS

GET
H2 200 globalDefer.css
www.oferlo.com.ua/css/ 21 KB
5 KB 74ms
74ms Stylesheet
text/css 2a00:1298:801f::b
AS-BENESTRA Brati...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oferlo.com.ua/css/globalDefer.css?t=ee72c71af853950c273fcad8ddcd8303
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a00:1298:801f::b , Slovakia, ASN5578 (AS-BENESTRA Bratislava, Slovak Republic, SK),
Reverse DNS
Software: nginx /
Resource Hash: 4ec0965d6f95ca6b4ffa314e47e2fa159233e6652ca1d03ef77c94b0085f5c8f

Request headers

Referer: https://www.oferlo.com.ua/
Origin: https://www.oferlo.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Wed, 19 Oct 2022 06:34:46 GMT
content-encoding: gzip
x-proxy-date: Wed, 19 Oct 2022 06:33:22 GMT
last-modified: Mon, 17 Oct 2022 08:17:45 GMT
server: nginx
expires: 31556926
etag: W/"634d0fa9-5432"
x-from-origin: true
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Wednesday, 19-Oct-2022 06:34:46 GMT
x-proxy-cache: HIT

GET
H2 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/33/ 810 B
1 KB 171ms
66ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/33/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 446bab4f19b463933ba69fc0c0ff5317bcef393fdcda0816e62b0a2b4aafeaa2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:46 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 03:07:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p4CTulXmrH6KRiXqCwgYNiOWNGk1cK0GMNVh1DTITm78DQNS4OgEP9OwdN1uhwzpVPWY15cGsQjGnSmsrcXPObuesZ%2FWBhHodabOZ9wjEnGS17MoudaRn%2BjqPB2RNSng%2BqWHXM%2BTCIx4iD6MLJyzTBoy6K8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 75c77d673f050091-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/5/ 638 B
952 B 171ms
67ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/5/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cf4140305db6473492b7bce8c789d33bcc9a862f9d2d7fce40b115edb31683a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:46 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Nov 2020 15:28:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tRiBvvLvRl3PuuQA35GsEIA3FMP9ZPifTEOrL2BH27QuUdhApvZTm9nsetSdKm3pmr9POcAs2gDeeJBoXnqs0WtQ9ig1rqGA9jYNqEC%2BORujpIJ7SfPl2UFiM%2B9wTKpOYPhIPjsbvDPc56zPeIk8SF8if00%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 75c77d673f080091-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 638
expires: 31556926

GET
H2 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/34/ 580 B
874 B 169ms
65ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/34/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a766ea12240078e9a4911493790c08cfa979a18619d180cd7f5a5f468fd79f3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:46 GMT
cf-cache-status: HIT
last-modified: Fri, 09 Apr 2021 06:28:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jVVmhSP0tfFBaLvi7MN9bkD%2FP4CM9LL7hqhfhWi112I16kurfZ7SYe1qZtKchXl2b0oTbsfM%2BzsbKYA9mX8ht45ZsK48hppFRY%2F50IyOdbQDXjYynHvWg3c5x2aZ3J8v2IcMiPAzZ3WNYtdW%2BX03Gq21S6Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 75c77d673f090091-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 580
expires: 31556926

GET
H2 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/35/ 706 B
1 KB 165ms
62ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/35/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6117374a1f09adbbff6601b20fc00b2264cf5fb2ef53ede0b320a337109026d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:46 GMT
cf-cache-status: HIT
last-modified: Fri, 09 Apr 2021 06:28:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bDQRIGwJyJ1%2Bm38qwHk1ATtCMX9pTVtWGdERxBDB907bnQEKu%2BBCcDIY0RcmB9PTT4f0v0%2FTHR7owtF0PLNECUeevq271bkQHuP8n1zXrz9Cul3SfVxKnN%2BIJ%2BUeWViPafMzchbPNwLNimuRmxFbTf8BPRc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 75c77d673f0a0091-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 706
expires: 31556926

GET
H2 200 0_s.webp
eu001.leafletscdns.com/com.ua/data/33/3925/ 15 KB
16 KB 166ms
63ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/33/3925/0_s.webp?t=1666082080
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfb937d0974a61c6eebdab2e2650fcd2af0a216aa22c05c102571a4f40c19329

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:46 GMT
cf-cache-status: HIT
last-modified: Tue, 18 Oct 2022 08:37:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wJ9Hqy8ndZxUVU7hiDG7ZupzuneCjffaDm%2Byio7X7uGHijxK2TQMJ5h%2BynrpTtZoW9ZNCc8rgibmxthAaOA6YFyasS%2FLHJyUfRbiiFmqcj8JGdkwhcdHjMahAVimrvWh4kSkKbEh%2F%2FppjZIhgDutrLee3A0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 75c77d673f060091-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15850
expires: 31556926

GET
H2 200 0_s.webp
eu001.leafletscdns.com/com.ua/data/5/3924/ 12 KB
12 KB 172ms
68ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/5/3924/0_s.webp?t=1666081660
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2b5fbf2eb05b4537ce81b6deb4831ff08f19018dc308bf2331d513707423d77

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:46 GMT
cf-cache-status: HIT
last-modified: Tue, 18 Oct 2022 08:35:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AJhWVauzANLc7RnCt87Bvh5iqT9nwyx7KJUm7nSzEoaIbdCxRk7kWDoyDxaJtfg5w%2FNdKluzXs5pWRIUquQnbyB5GhLKBvvdl%2FLRn7kih3cqRQdw0%2BqWPKjkurvMIiBCu5B8k1%2FPZzDsCowr5Bqe5oeYYK4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 75c77d673f070091-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11886
expires: 31556926

GET
H2 200 0_s.webp
eu001.leafletscdns.com/com.ua/data/34/3919/ 11 KB
12 KB 87ms
84ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/34/3919/0_s.webp?t=1665991994
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 024754f345a6a79c18e7eb025a3e94a045d9460ab3be24380c9fc8ea71046dd3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:46 GMT
cf-cache-status: HIT
last-modified: Mon, 17 Oct 2022 07:33:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ySLMjypqKF2HsRkkYiT35veaHtEOMQbMheLB4I5Dsv7ttjAjniH6%2BARcYymJVP8iJ4VbKBzj1Q8SkaYHI9rQMkjdyKAGKW9XNX5nEGsG0Qr0Acw%2F%2FjwJ8pyE%2BZzMuFL9mF4B1RUdea63KA8iZbp9P9%2F8ew%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 75c77d674f0e0091-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11566
expires: 31556926

GET
H2 200 0_s.webp
eu001.leafletscdns.com/com.ua/data/35/3918/ 15 KB
16 KB 52ms
51ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/35/3918/0_s.webp?t=1665735140
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c237ef69dc2945873750c32aca11cea703949f7c0c2050d2a1615f3c9e04048

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 76826
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15800
last-modified: Fri, 14 Oct 2022 08:14:48 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C8sv0DIZKZF5Ff%2FqDykb%2BGO0CFjMIQLZDGjgORdyKKawY2T4Y5b2TfB4%2FtwEsJbKhlGEVAjKd9l%2Bg%2FF%2F2701xIpgXuyPmc2R1Ib22tBri03Ll4amQ4gmbCPkxUK5nBAxczYMI0J4dYQ9Zq1MO1n1zO27kDI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 75c77d674f100091-LHR
expires: 31556926

GET
H2 200 / Show response
www.oferlo.com.ua/ajax/get-email-signup/ 3 KB
4 KB 276ms
276ms XHR
text/html 2a00:1298:801f::b
AS-BENESTRA Brati...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oferlo.com.ua/ajax/get-email-signup/

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/js/joined/external.min.js?t=4f35792ce4fe6f4c5dde4c25919ef21d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a00:1298:801f::b , Slovakia, ASN5578 (AS-BENESTRA Bratislava, Slovak Republic, SK),

Reverse DNS

Software

nginx / Hyperia

Resource Hash

f6373b76ed57df66b01acba5ca7d75c28411620aa58cbe5f17273faf9c144641

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.oferlo.com.ua/
X-CSRF-Token: hLBfxMAWCi7ZijpMb6jB_8ZAiwic2voVNR0BMT5IOXr-g2mxtVlodKDvc3QI65GTvC3cUOivrydMaUN_fT1_HQ==
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-proxy-cache: MISS
date: Wed, 19 Oct 2022 06:34:46 GMT
strict-transport-security: max-age=10; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-encoding: gzip
x-proxy-date: Wed, 19 Oct 2022 06:34:46 GMT
x-powered-by: Hyperia
x-proxy-date-now: Wednesday, 19-Oct-2022 06:34:46 GMT
x-upstream-backend: letakomat-ams-w028
content-length: 1456
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 19 Oct 2022 06:34:46 GMT
server: nginx
x-frame-options: DENY
report-to: []
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
dynamicurl: ajax/get-email-signup/
x-proxy-cache-type: nl30m

GET
H2 200 / Show response
www.oferlo.com.ua/ajax/get-menu-items/ 3 KB
3 KB 66ms
65ms XHR
text/html 2a00:1298:801f::b
AS-BENESTRA Brati...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oferlo.com.ua/ajax/get-menu-items/

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/js/joined/external.min.js?t=4f35792ce4fe6f4c5dde4c25919ef21d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a00:1298:801f::b , Slovakia, ASN5578 (AS-BENESTRA Bratislava, Slovak Republic, SK),

Reverse DNS

Software

nginx / Hyperia

Resource Hash

0ef1f9f33632ec6e27928d82e6f155d14605c07815630b6a4dfbf830464795bc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.oferlo.com.ua/
X-CSRF-Token: hLBfxMAWCi7ZijpMb6jB_8ZAiwic2voVNR0BMT5IOXr-g2mxtVlodKDvc3QI65GTvC3cUOivrydMaUN_fT1_HQ==
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Wed, 19 Oct 2022 06:34:46 GMT
strict-transport-security: max-age=10; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-encoding: gzip
x-proxy-date: Wed, 19 Oct 2022 06:34:40 GMT
x-powered-by: Hyperia
x-proxy-date-now: Wednesday, 19-Oct-2022 06:34:46 GMT
x-upstream-backend: letakomat-ams-w018
content-length: 728
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 19 Oct 2022 06:34:41 GMT
server: nginx
x-frame-options: DENY
report-to: []
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
dynamicurl: ajax/get-menu-items/
x-proxy-cache-type: a30m

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210120101/ 353 KB
116 KB 99ms
98ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1447540957213601&plah=www.oferlo.com.ua&bust=31070367

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8582aac431acf6b5ffd6b4c7559bc25283185d60aae73ced430d65c03d9cf68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118726
x-xss-protection: 0
server: cafe
etag: 4073105919757174969
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 19 Oct 2022 06:34:46 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221017/r20190131/ Frame 18C4 10 KB
5 KB 215ms
34ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221017/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.oferlo.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 8439
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 04:14:07 GMT
etag: 9671129459699598864
expires: Wed, 02 Nov 2022 04:14:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fontello.woff2
www.oferlo.com.ua/fonts/fontello/font/ 9 KB
9 KB 68ms
67ms Font
application/octet-stream 2a00:1298:801f::b
AS-BENESTRA Brati...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oferlo.com.ua/fonts/fontello/font/fontello.woff2?49450005
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/fonts/fontello/css/fontello.css?t=a95d4e49d1408aabd42234f8161dd98f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a00:1298:801f::b , Slovakia, ASN5578 (AS-BENESTRA Bratislava, Slovak Republic, SK),
Reverse DNS
Software: nginx /
Resource Hash: 20b7ec5c587ce88329c10b1ab2f288ecd11dcd57e5716e90d6a957f8fddd3db6

Request headers

Referer: https://www.oferlo.com.ua/fonts/fontello/css/fontello.css?t=a95d4e49d1408aabd42234f8161dd98f
Origin: https://www.oferlo.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Wed, 19 Oct 2022 06:34:46 GMT
x-proxy-date: Wed, 19 Oct 2022 06:33:23 GMT
expires: 31556926
last-modified: Mon, 17 Oct 2022 08:16:24 GMT
server: nginx
etag: "634d0f58-2274"
x-from-origin: true
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Wednesday, 19-Oct-2022 06:34:46 GMT
accept-ranges: bytes
content-length: 8820
x-proxy-cache: HIT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 169ms
53ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRQV9D6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 19 Oct 2022 05:15:57 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4729
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 19 Oct 2022 07:15:57 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 102 KB
27 KB 165ms
55ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

510d71bfae8484c59b9b3bd6064b3edd0348bb79b3b448bc1093bc7a73265b6a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 19 Oct 2022 06:34:46 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27029
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: H0d5djtM1KdmG091EG8P+h5WssSODGV+5NOFVezkIWkdHg7SJdTfhGvv0CRTcTWM2KJFFcInvQyYXlK/QUV1Ag==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
15 KB 203ms
78ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRQV9D6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15192
x-xss-protection: 0
server: cafe
etag: 699633608045481581
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 19 Oct 2022 06:34:46 GMT

GET
H2 200 yii.validation.js Show response
www.oferlo.com.ua/assets/2e4368f8/ 17 KB
4 KB 80ms
80ms XHR
application/javascript 2a00:1298:801f::b
AS-BENESTRA Brati...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oferlo.com.ua/assets/2e4368f8/yii.validation.js
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/js/joined/external.min.js?t=4f35792ce4fe6f4c5dde4c25919ef21d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a00:1298:801f::b , Slovakia, ASN5578 (AS-BENESTRA Bratislava, Slovak Republic, SK),
Reverse DNS
Software: nginx /
Resource Hash: 9123ef5cf89cdb1ee2e6db82eb04ff97e874de65e8db71ddba2e66fde522ac06

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.oferlo.com.ua/
X-CSRF-Token: hLBfxMAWCi7ZijpMb6jB_8ZAiwic2voVNR0BMT5IOXr-g2mxtVlodKDvc3QI65GTvC3cUOivrydMaUN_fT1_HQ==
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Wed, 19 Oct 2022 06:34:46 GMT
content-encoding: gzip
x-proxy-date: Wed, 19 Oct 2022 06:33:11 GMT
last-modified: Mon, 17 Oct 2022 08:21:14 GMT
server: nginx
expires: 31556926
etag: W/"634d107a-4413"
x-from-origin: true
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Wednesday, 19-Oct-2022 06:34:46 GMT
x-proxy-cache: HIT

GET
H2 200 yii.activeForm.js Show response
www.oferlo.com.ua/assets/2e4368f8/ 36 KB
9 KB 67ms
67ms XHR
application/javascript 2a00:1298:801f::b
AS-BENESTRA Brati...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oferlo.com.ua/assets/2e4368f8/yii.activeForm.js
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/js/joined/external.min.js?t=4f35792ce4fe6f4c5dde4c25919ef21d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a00:1298:801f::b , Slovakia, ASN5578 (AS-BENESTRA Bratislava, Slovak Republic, SK),
Reverse DNS
Software: nginx /
Resource Hash: b156192d2524056dbc8af028d8a71dfb5a74346ccc5a0910ef98182005762a1b

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.oferlo.com.ua/
X-CSRF-Token: hLBfxMAWCi7ZijpMb6jB_8ZAiwic2voVNR0BMT5IOXr-g2mxtVlodKDvc3QI65GTvC3cUOivrydMaUN_fT1_HQ==
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Wed, 19 Oct 2022 06:34:46 GMT
content-encoding: gzip
x-proxy-date: Wed, 19 Oct 2022 06:32:51 GMT
last-modified: Mon, 17 Oct 2022 08:21:14 GMT
server: nginx
expires: 31556926
etag: W/"634d107a-9046"
x-from-origin: true
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Wednesday, 19-Oct-2022 06:34:46 GMT
x-proxy-cache: HIT

GET
H2 200 maskot-main-happy-xs-subscribe.png
www.oferlo.com.ua/img/maskot/ 2 KB
3 KB 76ms
75ms Image
image/png 2a00:1298:801f::b
AS-BENESTRA Brati...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.oferlo.com.ua/img/maskot/maskot-main-happy-xs-subscribe.png
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/css/global.css?t=58f64e08fec409c274668ee9dcafda2c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a00:1298:801f::b , Slovakia, ASN5578 (AS-BENESTRA Bratislava, Slovak Republic, SK),
Reverse DNS
Software: nginx /
Resource Hash: 0d9f243e38580effa8393e2fde8b1b6292b50af8653b8eb68a0fa5f4ae6a9d35

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/css/global.css?t=58f64e08fec409c274668ee9dcafda2c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Wed, 19 Oct 2022 06:34:46 GMT
content-encoding: gzip
x-proxy-date: Wed, 19 Oct 2022 06:33:12 GMT
last-modified: Mon, 17 Oct 2022 08:16:24 GMT
server: nginx
expires: 31556926
etag: "634d0f58-917"
x-from-origin: true
content-type: image/png
cache-control: public, max-age=31556926
x-proxy-date-now: Wednesday, 19-Oct-2022 06:34:46 GMT
content-length: 2327
x-proxy-cache: HIT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
699 B 230ms
62ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.oferlo.com.ua&callback=_gfp_s_&client=ca-pub-1447540957213601&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1447540957213601&plah=www.oferlo.com.ua&bust=31070367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b59c7df078ab88205474423edc7488e6bc5e8402e320dc7c30f7b2668cd016a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 254
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 193ms
62ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.oferlo.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 182ms
65ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.oferlo.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 29E2 177 KB
48 KB 1093ms
983ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&adk=1812271804&adf=3025194257&lmt=1666161286&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666161286227&bpp=4&bdt=390&idt=429&shv=r20221017&mjsv=m202210120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=543909112797&frm=20&pv=2&ga_vid=159357337.1666161287&ga_sid=1666161287&ga_hid=2086608127&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31069178%2C31070367%2C31070385%2C31068919&oid=2&pvsid=3284389028113511&tmod=1231347606&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=457

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e48d592c7524a5929f4e2ace68096ab997230e8ad3133ca7c66b1f62d7fdb968

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.oferlo.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 48871
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 06:34:47 GMT
expires: Wed, 19 Oct 2022 06:34:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7700 15 KB
8 KB 704ms
620ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=6019623105&adk=760889125&adf=1610234907&pi=t.ma~as.6019623105&w=300&fwrn=4&fwrnh=100&lmt=1666161286&rafmt=12&format=300x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rh=600&rw=300&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666161286270&bpp=2&bdt=434&idt=441&shv=r20221017&mjsv=m202210120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=543909112797&frm=20&pv=1&ga_vid=159357337.1666161287&ga_sid=1666161287&ga_hid=2086608127&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31069178%2C31070367%2C31070385%2C31068919&oid=2&pvsid=3284389028113511&tmod=1231347606&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Co81CKHke9&p=https%3A//www.oferlo.com.ua&dtd=448

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbc369f5658cf64e87446a582af7676907cc004d5b5f1d70b3eed2f3f0a287fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.oferlo.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 8145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 06:34:47 GMT
expires: Wed, 19 Oct 2022 06:34:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 171ms
61ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=2086608127&t=pageview&_s=1&dl=https%3A%2F%2Fwww.oferlo.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%B0%D0%BA%D1%86%D1%96%D1%97%2C%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%20%D1%82%D0%B0%20%D0%B7%D0%BD%D0%B8%D0%B6%D0%BA%D0%B8%20%7C%20OFERLO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAACAAI~&jid=1705338750&gjid=592330436&cid=159357337.1666161287&tid=UA-24834420-46&_gid=714097175.1666161287&_r=1&gtm=2wgah0PRQV9D6&cg5=site%2Findex&cd2=0&z=1000222594

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.oferlo.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 06:34:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.oferlo.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/868040956/ 3 KB
1 KB 127ms
99ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/868040956/?random=1666161286772&cv=9&fst=1666161286772&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgah0&sendb=1&ig=1&data=AdBlock%3D0&frm=0&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&tiba=%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%B0%D0%BA%D1%86%D1%96%D1%97%2C%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%20%D1%82%D0%B0%20%D0%B7%D0%BD%D0%B8%D0%B6%D0%BA%D0%B8%20%7C%20OFERLO&auid=460534955.1666161286&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9aa096d4b24f77c19979a291a82e6c663be50cfb4e1c82e1f38239bb2a9bcc3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 06:34:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1091
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 478813288996064 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 120ms
58ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/478813288996064?v=2.9.86&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b82ac83f90803852035864620bb3751cece78fa0ed64d3762393e1390d7ecc53

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 19 Oct 2022 06:34:46 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 85845
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 2s28TbWDEsfHOkyT/sKhnBbwK0SWeyZgKbYzEbOGkznVpE/vMUxoUtC4JeAT5ZO6BEa0NFAwZt9rQulfXtaCvw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/868040956/ 42 B
548 B 183ms
66ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/868040956/?random=1666161286772&cv=9&fst=1666159200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgah0&sendb=1&data=AdBlock%3D0&frm=0&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&tiba=%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%B0%D0%BA%D1%86%D1%96%D1%97%2C%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%20%D1%82%D0%B0%20%D0%B7%D0%BD%D0%B8%D0%B6%D0%BA%D0%B8%20%7C%20OFERLO&async=1&fmt=3&is_vtc=1&random=2030600959&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 06:34:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/868040956/ 42 B
548 B 185ms
69ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/868040956/?random=1666161286772&cv=9&fst=1666159200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgah0&sendb=1&data=AdBlock%3D0&frm=0&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&tiba=%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%B0%D0%BA%D1%86%D1%96%D1%97%2C%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%20%D1%82%D0%B0%20%D0%B7%D0%BD%D0%B8%D0%B6%D0%BA%D0%B8%20%7C%20OFERLO&async=1&fmt=3&is_vtc=1&random=2030600959&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 06:34:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 169ms
56ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-24834420-46&cid=159357337.1666161287&jid=1705338750&gjid=592330436&_gid=714097175.1666161287&_u=YAhAAEAAAAAAACAAI~&z=1450352673

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.oferlo.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 19 Oct 2022 06:34:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.oferlo.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 176ms
58ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=478813288996064&ev=PageView&dl=https%3A%2F%2Fwww.oferlo.com.ua%2F&rl=&if=false&ts=1666161287041&sw=1600&sh=1200&v=2.9.86&r=stable&ec=0&o=30&fbp=fb.2.1666161287039.878912607&it=1666161286784&coo=false&rqm=GET

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 19 Oct 2022 06:34:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 177ms
66ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-24834420-46&cid=159357337.1666161287&jid=1705338750&_u=YAhAAEAAAAAAACAAI~&z=1025605520

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 06:34:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 179ms
68ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-24834420-46&cid=159357337.1666161287&jid=1705338750&_u=YAhAAEAAAAAAACAAI~&z=1025605520

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 06:34:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7700 42 B
63 B 88ms
87ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CLrw4oG87BdO1MmIisnkRKPeJ0g80sb51MJzDxhtGL7X7hZXnBohdytJdGknh0ozoQPF_Ky9ZHjKc6J5e_eLXMhx_Q5ogZEFTk3vHAnSGV9JcgywY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=6019623105&adk=760889125&adf=1610234907&pi=t.ma~as.6019623105&w=300&fwrn=4&fwrnh=100&lmt=1666161286&rafmt=12&format=300x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rh=600&rw=300&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666161286270&bpp=2&bdt=434&idt=441&shv=r20221017&mjsv=m202210120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=543909112797&frm=20&pv=1&ga_vid=159357337.1666161287&ga_sid=1666161287&ga_hid=2086608127&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31069178%2C31070367%2C31070385%2C31068919&oid=2&pvsid=3284389028113511&tmod=1231347606&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Co81CKHke9&p=https%3A//www.oferlo.com.ua&dtd=448

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 06:34:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame 7700 3 KB
1 KB 198ms
59ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:23:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 19:23:39 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame 7700 17 KB
8 KB 191ms
54ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 21:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32062
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 21:40:25 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7700 152 KB
47 KB 187ms
64ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 19 Oct 2022 06:34:47 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BF69 624 B
300 B 65ms
64ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvOfRCrlZYBGLjAvdUBMAE&v=APEucNUF45MNeAPmIGNhWLSK0euP8q0UKhun3aPJcPFUFLVfH51cV399QqnujDYEgdzpNDv1bxyRBKukBFzN_LsaFJBRl9PL-3GK11fWoekfyqtdNQmf0DSlmOd6tSfH-V0nanSiRW9z4gEidty4o-WO6goVqcOTbboDrvRN8dW8gySJVyiK0aY

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=6019623105&adk=760889125&adf=1610234907&pi=t.ma~as.6019623105&w=300&fwrn=4&fwrnh=100&lmt=1666161286&rafmt=12&format=300x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rh=600&rw=300&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666161286270&bpp=2&bdt=434&idt=441&shv=r20221017&mjsv=m202210120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=543909112797&frm=20&pv=1&ga_vid=159357337.1666161287&ga_sid=1666161287&ga_hid=2086608127&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31069178%2C31070367%2C31070385%2C31068919&oid=2&pvsid=3284389028113511&tmod=1231347606&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Co81CKHke9&p=https%3A//www.oferlo.com.ua&dtd=448
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 06:34:47 GMT
expires: Wed, 19 Oct 2022 06:34:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7700 94 KB
36 KB 107ms
107ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A79tVCfdXWGgZMblRgWp8BFy0a6dLKhiWxIo7tpDDEeDjJMldbMldJAdN6iy3Qu4orJ1wnDQH8cb4keUgq97R7CGzStTVnfAPCEyp-F4wOCt_oqHhfdsj28C_nnp-VBNxlybW6njGdpd31tKw10Xt-JACJLC-yUftr5ONOctSzyBiklHM&dbm_d=AKAmf-Af0XJd9XZubrYHtPlRJbXheLwCK-rlq0sDTp71J01nZXMQy5O3RJc0LpeEJ1TDMlvtD2A847WMgE8Y2SWVhW61J8fB2uXCbUGrzDzV6oDb8BgG8scJF0byO2qMuFNoj_FVeYVgkEa03ibvc-NRbReQdVNfIiaDadDEaDuk5PARkfFswRXAfd9jO2Mycg1umvtObKf1oGXd0xI5VeCW6GYU_bogjKEMyV1gb20iPVXSTIVrOjtH4XRyCERYuHekHwPDD376OCStoReG-u9705NQXcx_5KzgT6qw48jr1wPITw1K1J1Zitfsd0drROugi4JbWFV6i7Bg8ijvLNA1cDZflsliTStxl90Pzi2SJ-iaiN66EYqFzm1A9B4gMYr0POff5S1_h1r18puV4lv8qdHWlG1ekVQRp6MbJw2449Zidyo9RGQqCTdDcqFn3KryazkLWVrh3w8Z5RMFz9qt0hl1rwJAqf7vVq1ysn0MQo1MB0W5zxCK9l2Z9_cze-27i_WjJOrh5F8xh0JfdaytkMOxjfNm30UInIMMATAEywJcvi_4z85a7YTv_bqbQLIT_xNbvf7FVpeA-eBuKzKEHF5iOvSd5J942yroQXJ37GfFxj0nL7f4WhvQmGDKuiuCXaZpwRimLDagceCbYLQow5-RlPDP2LdDTvuBzJWGaRFLzAuUzHfafxwVEW8Mm9geX287qGDHo1wz_L7n05SKDsAnuNg69nEfQDFP2QUNlp33H5yFc_cDC-P6QbVWAA0KDyXjyymgY9nM6zqalF3GjzTk81jg1TIILqs1rtLBoCvL0g3HbIbvEBFRrUcT9w3KmeUEZhdV77s67ASxkzn0YibqxsF-o1JqclHWJdFZkTodTd-KXbB-9MFgZOQDnlWkJzkFBz54NMCfJQ3pRx6vt83WlesxB_PKdXFG7bCpX5erc72bNAWIXn4tQhPFq2W4yPwIQmyWarfbfxaux4feQAynZlYNke21uJbltiK2OK3oNdcJYwKWMVaF5kXOdidbEu-tYuV-iF0GHuh8G-JHdTkBzXABSz3oSyes5qYLIrDOHLI8BNnwfjKdvKpPQaV7sg7N3eI2XXS3BflajPa0eEe_umIKtPt2hQr3Zjr1nGD9iKoRTUT9ZriuSiICSodV1bPtIL1cJaiAIvqJyuxNBpVZRjSPhvg-q0YSevOOyVmK7pfG0SndPLoFHZtF1YA8JcrPxOj9FvxP3zXU-3V4VsXDrCYZ1Zk187FdwOm39vszQHaeYdscj93NzJc12SSL66qU4L1HcazuYLDrTC3BSyZZUfo_eG954SUD82sXp7h56bjBXvFNlYxXTdMwsWqLy_COVqxvq_7npEm1t2NkbyXuoAgMXaMvRqNq7UxrxtgEFjjgZXUbY_4NSuBWCHhYXUKOHi-1QwIXFyrvcKVswTavCl9pql88iAAzB-GNcrVSJjzlf4780cNY6WpuLmhvr3quqvjQ9ZEiaYFXmj-niqbFElxMOSQ8mB6x5g3HpOXOgWYo3CgUPY7oyN5QSaA7ztGki_h9ILccqGL1FZ_iwneKIUW--zpXmHEFpjl-BnXh5upcdz_FdxyGhJwFfdAvvKZTneQ1qZbne-2alvMaaNftk4aqfcgltP9YBFDgb86Kmg_PpO-zHRqKp98uliZivxRhiIUfDTG-z6yNXSnAfpBdhlUwlJbqraDchKipR6y9YIfxVGWxBVDVmLL1STu4VJxNYox5rw-T1aDITPg5XjE9lu1B-cUdJFPczx1jLP8JF_b_BCU9ySl458GpfBnL6NE9LkQ24j8Tv4j2ANA_BWs_KgYhyGkEqx2UabbsionGAC5Hdk4B-nTXk6q8uJD-_Z4CwjuZWaEaCIw64sJyaXK_HI97cuRAW14wtpzrM62U8S7MdSIMIFzwNf-4O2Y7xJfzZiVSKnB_tLmK6_NLqL8dHF2aDFxmBf4ge22avV3zCjcQO2PV190ag6kPFWBzmdfUQVQFYCAhmX1oZBr2Ed1Nc5XrCPbLQUWY31hTCzYuIHelm8k9ual1-Z3yZ4bruHhmPkWJVD0HNSsHrlu2PoVrbhFsZzJQxGFn2d7j8zrLp0kiw6GStaXH9tWAfFOU8n_pDq7Pc0QTyeVTwiaNT9HKRJlstW7RJsCo1unjuU7QUgFL-ISrZHAaneU3sF6eSBtAK6jV-90EO0pE770djykyVgZRTBYVhhHMtnTPLjX_7Bf-10uwc99RQJTM1SgF6CC4t2YWpohuwgdrAxQomwB0pvdwW9SDHEn6EV4ks6ihO-N-uOettWsa1FgEOyqa4uh25vKsKaS7Ce2bfLjZw0DIOAObmr9u2lYglUIrzOj7AnorGwCWMnwVLFbLcKtJEwDql7Rgt42rjjDpkkAA-b6F06BGEkhXK1Vc19vvvCiM07JRvYrBKVk50iqgr-oV3_6P76lKjZsH2L1kpHVA_BspLXdDaDXoX3evMtEjDUDoHmUmCU-qwk8WejrtkK-TG767Qt8XlWRB-vQJI4amMFphrAHGlpLWSXEACJpZ1_l__5lmkBQuBzeT2aaxBBSxil7fZDATyiiF_v2OqA61ifNmOZcreXHzEmTJc0TZ_syN0L-aAfYOuAUPFCXPBcHJWNdqiBhlQWnZdLAsGGVIuSgJh-gzU8cuIGwtmfXMvv5DwqQ5kKj8ZIJmVqLrSEGiFoUevnOZHZzWxo_yehCMXcvMtxwVOKWdY7yQl23ChwckgZ8T4IWoKkt5eSd3Wv7iUwkH-FEKwWy4_wDccahZ3HO4H4sggLZ0smZMMwfpSdlKcH19NJULdI-4v_S51tFxTNuvYg7dbCgPWRXeDwChMmYPLv54AAHqJMqcg4m7kOM_m35iTybleyUl5uObO2Sm85r3Nr7JyXND_Lf3qvNQLoiRKqAVR54iUO9LIumgr7ee81Cq2lvqy7HAoMEzLrR616LmDVh9jqS2FSOPj6HIPUGX2RTrJMyEvSzJOnlYCt3xNwnfGgZsvg-FwP1wDG35sCwOQ37uOHHeqtFvzst4bmMHlCVuOSWq-nqDslskTJWrBEQZE8yGTvTr8IbVZ-UhkH2NjDQeV_lH0wuQqQ60aFzPbY_nVN1QbYlRAR61EGGswm2MDMJ4-coHXU-KV66vVq-GjBgEvDGaarfrJVonDC23qm-8yqtL1-7z6rcVRpJ5IuG0mButQRaYb_Xn3wbvGpirentHiWWMuQXUGnSBsNcRpH8VH4Plf9zsVuov7MgmOa0Js4BpZL2dLzGVAM2P3Ex_wWste3uHX6DmX2B7L_lhxaeh7mDyEDCkdXEM2M9qBBDGvJji3mfKrsTzgNQ-uqAibi1QgUgDL5QTxpbQ3k_6NYnEogyrfDF8xENeA6v-jbBZNGfp2yR7MvS0DkHIMqMasDGu_IC26hpkPqzlGmGp4rFm8z6wob9m_r9UK_ywudvfMc2LHrifDQvTeMMroyBC1l3fhi-u8i2xVime_EZlX4eV_AHNPrJOaupewhtTE0lWTbvW3M09Pr4rLJ9tLCb5-GPw0YP3GucL3-9PGPtVmpqo7vk1FNG7Qgnu7t2bdw5bReQ1AEvId_0jU1M7N1N9Sn_JA57wUTRY4gYebpcWI8WMOQ&cid=CAQSGwDq26N9BrAtKoceTROmTQNJpT3NaOBVewEugRgBIA4&rfl=1%2Chttps%253A%252F%252Fwww.oferlo.com.ua%252F%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0647dd23fdf1707d1b853f6ad97b4ac492cce910767ad89514721bbc3f30abe6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=6019623105&adk=760889125&adf=1610234907&pi=t.ma~as.6019623105&w=300&fwrn=4&fwrnh=100&lmt=1666161286&rafmt=12&format=300x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rh=600&rw=300&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666161286270&bpp=2&bdt=434&idt=441&shv=r20221017&mjsv=m202210120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=543909112797&frm=20&pv=1&ga_vid=159357337.1666161287&ga_sid=1666161287&ga_hid=2086608127&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31069178%2C31070367%2C31070385%2C31068919&oid=2&pvsid=3284389028113511&tmod=1231347606&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Co81CKHke9&p=https%3A//www.oferlo.com.ua&dtd=448
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 06:34:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame BF69
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoZTEiSngiKUfjN8WD-cTs&google_cver=1

43 B
766 B

61ms
55ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoZTEiSngiKUfjN8WD-cTs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvOfRCrlZYBGLjAvdUBMAE&v=APEucNUF45MNeAPmIGNhWLSK0euP8q0UKhun3aPJcPFUFLVfH51cV399QqnujDYEgdzpNDv1bxyRBKukBFzN_LsaFJBRl9PL-3GK11fWoekfyqtdNQmf0DSlmOd6tSfH-V0nanSiRW9z4gEidty4o-WO6goVqcOTbboDrvRN8dW8gySJVyiK0aY
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 Oct 2022 06:34:47 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 19 Oct 2022 06:34:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoZTEiSngiKUfjN8WD-cTs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame BF69
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y0.ah5149MUuva2MKWlBtgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELmhgqAWYGwGEze238PRmqc&google_cver=1&google_hm=2

43 B
766 B

55ms
55ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELmhgqAWYGwGEze238PRmqc&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvOfRCrlZYBGLjAvdUBMAE&v=APEucNUF45MNeAPmIGNhWLSK0euP8q0UKhun3aPJcPFUFLVfH51cV399QqnujDYEgdzpNDv1bxyRBKukBFzN_LsaFJBRl9PL-3GK11fWoekfyqtdNQmf0DSlmOd6tSfH-V0nanSiRW9z4gEidty4o-WO6goVqcOTbboDrvRN8dW8gySJVyiK0aY
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 Oct 2022 06:34:47 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 19 Oct 2022 06:34:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELmhgqAWYGwGEze238PRmqc&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame BF69
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGTOKQBrrxUEjrDjqMX4cII&google_cver=1

43 B
1016 B

70ms
56ms

Image
image/gif

185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGTOKQBrrxUEjrDjqMX4cII&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvOfRCrlZYBGLjAvdUBMAE&v=APEucNUF45MNeAPmIGNhWLSK0euP8q0UKhun3aPJcPFUFLVfH51cV399QqnujDYEgdzpNDv1bxyRBKukBFzN_LsaFJBRl9PL-3GK11fWoekfyqtdNQmf0DSlmOd6tSfH-V0nanSiRW9z4gEidty4o-WO6goVqcOTbboDrvRN8dW8gySJVyiK0aY

Protocol

HTTP/1.1

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 Oct 2022 06:34:47 GMT
AN-X-Request-Uuid: 34f41513-625d-4b81-b83c-b7af11901a8f
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.39; 82.199.130.39; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 19 Oct 2022 06:34:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGTOKQBrrxUEjrDjqMX4cII&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BF69
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ2MTM4MzQ4NjU2MzkyMTMxNA%3D%3D

170 B
188 B

167ms
65ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ2MTM4MzQ4NjU2MzkyMTMxNA%3D%3D

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 06:34:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 19 Oct 2022 06:34:47 GMT
AN-X-Request-Uuid: 531e7dd3-b108-4a27-8879-e67a3b28be89
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ2MTM4MzQ4NjU2MzkyMTMxNA%3D%3D
Connection: keep-alive
X-Proxy-Origin: 82.199.130.39; 82.199.130.39; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 113ms
54ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=478813288996064&ev=Microdata&dl=https%3A%2F%2Fwww.oferlo.com.ua%2F&rl=&if=false&ts=1666161287551&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%B0%D0%BA%D1%86%D1%96%D1%97%2C%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%20%D1%82%D0%B0%20%D0%B7%D0%BD%D0%B8%D0%B6%D0%BA%D0%B8%20%7C%20OFERLO%22%2C%22meta%3Adescription%22%3A%22%D0%A2%D1%83%D1%82%20%D0%B2%D0%B8%20%D0%B7%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D1%82%D0%B5%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%20%D1%81%D1%83%D1%87%D0%B0%D1%81%D0%BD%D0%B8%D1%85%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B8%D1%85%20%D0%BC%D0%B0%D0%B3%D0%B0%D0%B7%D0%B8%D0%BD%D1%96%D0%B2%20%D0%B4%D0%BE%20%D0%B2%D0%B0%D1%88%D0%B8%D1%85%20%D0%BF%D0%BE%D1%81%D0%BB%D1%83%D0%B3.%20Oferlo%20%D0%BD%D0%B0%D0%B4%D0%B0%D1%94%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%20%D0%90%D1%88%D0%B0%D0%BD%2C%20Billa%20%D1%82%D0%B0%20%D0%B1%D0%B0%D0%B3%D0%B0%D1%82%D0%BE%20%D1%96%D0%BD%D1%88%D0%B8%D1%85%20%3E%3E%22%2C%22meta%3Akeywords%22%3A%22oferlo%2C%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%2C%20%D0%B7%D0%BD%D0%B8%D0%B6%D0%BA%D0%B8%2C%20%D0%B0%D0%BA%D1%86%D1%96%D1%97%2C%20%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%B0%D0%BA%D1%86%D1%96%D1%97%2C%20%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.oferlo.com.ua%2Fimg%2Fmaskot%2Fmaskot-main-happy.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.86&r=stable&ec=1&o=30&fbp=fb.2.1666161287039.878912607&it=1666161286784&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 19 Oct 2022 06:34:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1210663/66362802/ Frame 7700 46 KB
12 KB 179ms
55ms Script
application/javascript 34.248.3.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1210663/66362802/skeleton.js?ias_dspID=3&ias_campId=1009183564&ias_pubId=pub-1447540957213601&ias_chanId=1&ias_placementId=18583666738&bidurl=https://www.oferlo.com.ua/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jLToYLz1G_7BA4NVhoGvE8
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.3.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-3-167.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: cb21d3506727d182f7b6e09cefb317a21b23d4d03b0afef8be5b0eea6afae9a0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 06:34:47 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 7700 170 KB
59 KB 169ms
53ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 16:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49650
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 19 Oct 2022 16:47:17 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221017/r20110914/elements/html/ Frame 7700 8 KB
3 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221017/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A79tVCfdXWGgZMblRgWp8BFy0a6dLKhiWxIo7tpDDEeDjJMldbMldJAdN6iy3Qu4orJ1wnDQH8cb4keUgq97R7CGzStTVnfAPCEyp-F4wOCt_oqHhfdsj28C_nnp-VBNxlybW6njGdpd31tKw10Xt-JACJLC-yUftr5ONOctSzyBiklHM&dbm_d=AKAmf-Af0XJd9XZubrYHtPlRJbXheLwCK-rlq0sDTp71J01nZXMQy5O3RJc0LpeEJ1TDMlvtD2A847WMgE8Y2SWVhW61J8fB2uXCbUGrzDzV6oDb8BgG8scJF0byO2qMuFNoj_FVeYVgkEa03ibvc-NRbReQdVNfIiaDadDEaDuk5PARkfFswRXAfd9jO2Mycg1umvtObKf1oGXd0xI5VeCW6GYU_bogjKEMyV1gb20iPVXSTIVrOjtH4XRyCERYuHekHwPDD376OCStoReG-u9705NQXcx_5KzgT6qw48jr1wPITw1K1J1Zitfsd0drROugi4JbWFV6i7Bg8ijvLNA1cDZflsliTStxl90Pzi2SJ-iaiN66EYqFzm1A9B4gMYr0POff5S1_h1r18puV4lv8qdHWlG1ekVQRp6MbJw2449Zidyo9RGQqCTdDcqFn3KryazkLWVrh3w8Z5RMFz9qt0hl1rwJAqf7vVq1ysn0MQo1MB0W5zxCK9l2Z9_cze-27i_WjJOrh5F8xh0JfdaytkMOxjfNm30UInIMMATAEywJcvi_4z85a7YTv_bqbQLIT_xNbvf7FVpeA-eBuKzKEHF5iOvSd5J942yroQXJ37GfFxj0nL7f4WhvQmGDKuiuCXaZpwRimLDagceCbYLQow5-RlPDP2LdDTvuBzJWGaRFLzAuUzHfafxwVEW8Mm9geX287qGDHo1wz_L7n05SKDsAnuNg69nEfQDFP2QUNlp33H5yFc_cDC-P6QbVWAA0KDyXjyymgY9nM6zqalF3GjzTk81jg1TIILqs1rtLBoCvL0g3HbIbvEBFRrUcT9w3KmeUEZhdV77s67ASxkzn0YibqxsF-o1JqclHWJdFZkTodTd-KXbB-9MFgZOQDnlWkJzkFBz54NMCfJQ3pRx6vt83WlesxB_PKdXFG7bCpX5erc72bNAWIXn4tQhPFq2W4yPwIQmyWarfbfxaux4feQAynZlYNke21uJbltiK2OK3oNdcJYwKWMVaF5kXOdidbEu-tYuV-iF0GHuh8G-JHdTkBzXABSz3oSyes5qYLIrDOHLI8BNnwfjKdvKpPQaV7sg7N3eI2XXS3BflajPa0eEe_umIKtPt2hQr3Zjr1nGD9iKoRTUT9ZriuSiICSodV1bPtIL1cJaiAIvqJyuxNBpVZRjSPhvg-q0YSevOOyVmK7pfG0SndPLoFHZtF1YA8JcrPxOj9FvxP3zXU-3V4VsXDrCYZ1Zk187FdwOm39vszQHaeYdscj93NzJc12SSL66qU4L1HcazuYLDrTC3BSyZZUfo_eG954SUD82sXp7h56bjBXvFNlYxXTdMwsWqLy_COVqxvq_7npEm1t2NkbyXuoAgMXaMvRqNq7UxrxtgEFjjgZXUbY_4NSuBWCHhYXUKOHi-1QwIXFyrvcKVswTavCl9pql88iAAzB-GNcrVSJjzlf4780cNY6WpuLmhvr3quqvjQ9ZEiaYFXmj-niqbFElxMOSQ8mB6x5g3HpOXOgWYo3CgUPY7oyN5QSaA7ztGki_h9ILccqGL1FZ_iwneKIUW--zpXmHEFpjl-BnXh5upcdz_FdxyGhJwFfdAvvKZTneQ1qZbne-2alvMaaNftk4aqfcgltP9YBFDgb86Kmg_PpO-zHRqKp98uliZivxRhiIUfDTG-z6yNXSnAfpBdhlUwlJbqraDchKipR6y9YIfxVGWxBVDVmLL1STu4VJxNYox5rw-T1aDITPg5XjE9lu1B-cUdJFPczx1jLP8JF_b_BCU9ySl458GpfBnL6NE9LkQ24j8Tv4j2ANA_BWs_KgYhyGkEqx2UabbsionGAC5Hdk4B-nTXk6q8uJD-_Z4CwjuZWaEaCIw64sJyaXK_HI97cuRAW14wtpzrM62U8S7MdSIMIFzwNf-4O2Y7xJfzZiVSKnB_tLmK6_NLqL8dHF2aDFxmBf4ge22avV3zCjcQO2PV190ag6kPFWBzmdfUQVQFYCAhmX1oZBr2Ed1Nc5XrCPbLQUWY31hTCzYuIHelm8k9ual1-Z3yZ4bruHhmPkWJVD0HNSsHrlu2PoVrbhFsZzJQxGFn2d7j8zrLp0kiw6GStaXH9tWAfFOU8n_pDq7Pc0QTyeVTwiaNT9HKRJlstW7RJsCo1unjuU7QUgFL-ISrZHAaneU3sF6eSBtAK6jV-90EO0pE770djykyVgZRTBYVhhHMtnTPLjX_7Bf-10uwc99RQJTM1SgF6CC4t2YWpohuwgdrAxQomwB0pvdwW9SDHEn6EV4ks6ihO-N-uOettWsa1FgEOyqa4uh25vKsKaS7Ce2bfLjZw0DIOAObmr9u2lYglUIrzOj7AnorGwCWMnwVLFbLcKtJEwDql7Rgt42rjjDpkkAA-b6F06BGEkhXK1Vc19vvvCiM07JRvYrBKVk50iqgr-oV3_6P76lKjZsH2L1kpHVA_BspLXdDaDXoX3evMtEjDUDoHmUmCU-qwk8WejrtkK-TG767Qt8XlWRB-vQJI4amMFphrAHGlpLWSXEACJpZ1_l__5lmkBQuBzeT2aaxBBSxil7fZDATyiiF_v2OqA61ifNmOZcreXHzEmTJc0TZ_syN0L-aAfYOuAUPFCXPBcHJWNdqiBhlQWnZdLAsGGVIuSgJh-gzU8cuIGwtmfXMvv5DwqQ5kKj8ZIJmVqLrSEGiFoUevnOZHZzWxo_yehCMXcvMtxwVOKWdY7yQl23ChwckgZ8T4IWoKkt5eSd3Wv7iUwkH-FEKwWy4_wDccahZ3HO4H4sggLZ0smZMMwfpSdlKcH19NJULdI-4v_S51tFxTNuvYg7dbCgPWRXeDwChMmYPLv54AAHqJMqcg4m7kOM_m35iTybleyUl5uObO2Sm85r3Nr7JyXND_Lf3qvNQLoiRKqAVR54iUO9LIumgr7ee81Cq2lvqy7HAoMEzLrR616LmDVh9jqS2FSOPj6HIPUGX2RTrJMyEvSzJOnlYCt3xNwnfGgZsvg-FwP1wDG35sCwOQ37uOHHeqtFvzst4bmMHlCVuOSWq-nqDslskTJWrBEQZE8yGTvTr8IbVZ-UhkH2NjDQeV_lH0wuQqQ60aFzPbY_nVN1QbYlRAR61EGGswm2MDMJ4-coHXU-KV66vVq-GjBgEvDGaarfrJVonDC23qm-8yqtL1-7z6rcVRpJ5IuG0mButQRaYb_Xn3wbvGpirentHiWWMuQXUGnSBsNcRpH8VH4Plf9zsVuov7MgmOa0Js4BpZL2dLzGVAM2P3Ex_wWste3uHX6DmX2B7L_lhxaeh7mDyEDCkdXEM2M9qBBDGvJji3mfKrsTzgNQ-uqAibi1QgUgDL5QTxpbQ3k_6NYnEogyrfDF8xENeA6v-jbBZNGfp2yR7MvS0DkHIMqMasDGu_IC26hpkPqzlGmGp4rFm8z6wob9m_r9UK_ywudvfMc2LHrifDQvTeMMroyBC1l3fhi-u8i2xVime_EZlX4eV_AHNPrJOaupewhtTE0lWTbvW3M09Pr4rLJ9tLCb5-GPw0YP3GucL3-9PGPtVmpqo7vk1FNG7Qgnu7t2bdw5bReQ1AEvId_0jU1M7N1N9Sn_JA57wUTRY4gYebpcWI8WMOQ&cid=CAQSGwDq26N9BrAtKoceTROmTQNJpT3NaOBVewEugRgBIA4&rfl=1%2Chttps%253A%252F%252Fwww.oferlo.com.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 21:52:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31346
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 21:52:21 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221017/r20110914/ Frame 7700 30 KB
11 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221017/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 03:41:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10369
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11726
x-xss-protection: 0
server: cafe
etag: 11376305771055881226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Nov 2022 03:41:58 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7700 41 KB
15 KB 165ms
55ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 10:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 504738
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Oct 2023 10:22:29 GMT

GET
DATA 200
OK truncated
/ Frame 7700 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8839adadef045d6b6b96c08a1b266207c89339ea703a26b0f81ef3c657b807b0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 main.19.8.358.js Show response
static.adsafeprotected.com/ Frame 7700 195 KB
60 KB 213ms
65ms Script
application/javascript 2600:9000:223f:ca00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.358.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1210663/66362802/skeleton.js?ias_dspID=3&ias_campId=1009183564&ias_pubId=pub-1447540957213601&ias_chanId=1&ias_placementId=18583666738&bidurl=https://www.oferlo.com.ua/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jLToYLz1G_7BA4NVhoGvE8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ca00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: da42947db2dbc8b734af5c4824cc9d4b7dcf3c3e239ea97734c635124dbdd2f1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 23:05:15 GMT
x-amz-version-id: 0sn4_UL9l8bkgP3Aut8sG_7WwLSS70Jz
content-encoding: gzip
via: 1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 26974
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 18 Oct 2022 17:05:47 GMT
server: AmazonS3
etag: W/"85e0b2aa9650a8cf76c0baf4d5352463"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: PnQDK89DbDmKSvw9e0JPgqEHWdfI2IH21pHD44osZ6QtT4ShnaWtQA==

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210120101/ 151 KB
54 KB 93ms
93ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210120101/reactive_library_fy2021.js?bust=31070367

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5f896b27da4f5a9991dfb61cb3b1bcc4b04d2390e84487b7ca267c0688a7fc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55069
x-xss-protection: 0
server: cafe
etag: 8640426661248626301
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Oct 2022 06:34:47 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E04B 22 KB
8 KB 54ms
54ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 427489
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 07:49:58 GMT
expires: Sat, 14 Oct 2023 07:49:58 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/9852978551050334301/ Frame F6FC 72 KB
20 KB 178ms
63ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9852978551050334301/index.html?e=69&leftOffset=0&topOffset=0&c=XcPQ9vDq7O&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f79203a8deb812f3675f2b5918cc2d16128a9c59bcefbbfadd463f8109b14354

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 06:34:48 GMT
expires: Thu, 19 Oct 2023 06:34:48 GMT
last-modified: Tue, 04 Oct 2022 15:36:21 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7700 0
306 B 112ms
103ms Ping
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvIuA0aJ-XqoxyPMIMWYMlWDmgJ54IwKI19wgRNMgr4_wIkCXlqH954aNyE_3tC7vcGVI9AHfuZZRu5D03Ly2MmNUHsDsyen3FzQr_lJq0RRqjcljguAhbmEFGWgcS7F7dVZ9NtfpzXlSWNWClwiMsSoqUsdG_s-ZE5NOu2NEp-jABSXlu2bsIQ2VOvLdXIuvSotnjVus2lO0oW5lzxMC9am2dLiRz2Bb6qDGkWDzjSzb3lxk5TUNkWnvDJSiAVTGNLrQ96mW1pVD5YGIwN3aeBcxoF4IsU-E7taueUEEg121oPM6KH8SYVMus4Bjmlss2SCU1TkS-4kjXlp9bvsXpU0Wi1Rk2xe1sOwIaLnFnAKKxGS0oSa3UdyF8GKth6HVB8OGrOtWYOjiaPhRzOrFH4hv1DHdIEx0yhPs-zDO6GCSdZlWppoAANK7BytOoJN0rN4I4fmC5Bw8X3URQGu1eKwwymdysA06GwsdLfjfILBjiidqMTFfYY1Mhh14NcZdlF4biv_wL6L1MXPYjvTg_zqIpbU93vK5uUlreOSYadAc6tLYcbK1QTs9u8Lv8qkU8M1vcLprtA2oPdqYSJCCRxYfBCksiAkKenY1x9pDaYxOGPt0v-Qxwox9wjDxcJAFYPZqYKvmeYexIei6kLuoddU-m75BH344Y0ThRjnEsxLsgsaM2DViqbdSVxFp0zwDnTaGN3Ck17lr1dGBNFcwxM1zu811AhiU4NfHIq7ZEM0vMwVNb-LFWQFVO-emJQGnS3nXARkvV4C3uGJ67-76mMBRjattQ0LmEZarAngV1mBlX3KFtgJ8d1tfLAPbbO6NEgieNUh5rBNG_cbZSApwfT-EcpmytX4Nwp87LUr0ZNLfArcDHENK8At2N0GesDxZuy6dH-OZiNIWnB5m6j4RXBmSQ4ljh7XxQ11FndzB1ZcQtXhqmYPwG9RH0vr4PKIQfFyLvi6y9doZBlKaoH4o1zTTRJI4iO9UrRGvW0hvVzns0R9OC9xmypLYbkdTyk0l6HQUChgE8p_NN-Xw20eoXxAuGqaxyBNP2I6L8b3j3NRhf72ddOlgPkFGvS2VPCjlYUuv6tje4d3Sb0oqIPcdpOKz_jjor-Vl3CaFGs-YilTdbLd-9--v0fFvrz4QLVzCc5L8v0dUhcfGaUNVqZ6MRKnJNEztNKbQGksGXJAwM-NU5ZqxO78VrV0A&sai=AMfl-YQoVW-MFthSoB68e-c5SGyt-y7Y8rhPxilv299iw8BAsaym13T-jOwqm5SuKwm7-J6Ge3S5xEsxM2_znpONNugrXuQi1iSp7fT-r5gxegAktf5oL3NTGhanfhrNnpiuGd1FFQLB3baZaHkjN4FpO7v6sEsUNbE1GCGvbSzCUUbuBBZqocAyHaKOUA&sig=Cg0ArKJSzGSAeM52gTyPEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=327&cbvp=1&cstd=321&cisv=r20221017.74637&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 19 Oct 2022 06:34:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 / Show response
www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/ 4 KB
3 KB 206ms
205ms XHR
text/html 2a00:1298:801f::b
AS-BENESTRA Brati...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/?v=visibleShoplist11&u=%2Fjs-content%2Fprepare-data%2Fhp-category-shop-tiles%2F&p=1800&c=category-11-shop-tiles-prepend&d%5Bcategory_id%5D=11&d%5Btype%5D=visible&d%5Bshops_in_line%5D=12&m=before

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/js/joined/external.min.js?t=4f35792ce4fe6f4c5dde4c25919ef21d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a00:1298:801f::b , Slovakia, ASN5578 (AS-BENESTRA Bratislava, Slovak Republic, SK),

Reverse DNS

Software

nginx / Hyperia

Resource Hash

7c191e5ef9504ce2879aacd7dff8eaa160e68f7d136f9994a2087d43b35cccbb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.oferlo.com.ua/
X-CSRF-Token: hLBfxMAWCi7ZijpMb6jB_8ZAiwic2voVNR0BMT5IOXr-g2mxtVlodKDvc3QI65GTvC3cUOivrydMaUN_fT1_HQ==
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-proxy-cache: MISS
date: Wed, 19 Oct 2022 06:34:48 GMT
strict-transport-security: max-age=10; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-encoding: gzip
x-proxy-date: Wed, 19 Oct 2022 06:34:48 GMT
x-powered-by: Hyperia
x-proxy-date-now: Wednesday, 19-Oct-2022 06:34:48 GMT
x-upstream-backend: letakomat-ams-w024
content-length: 667
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 19 Oct 2022 06:34:48 GMT
server: nginx
x-frame-options: DENY
report-to: []
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
x-proxy-cache-type: a30m

GET
H2 200 / Show response
www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/ 2 KB
2 KB 366ms
365ms XHR
text/html 2a00:1298:801f::b
AS-BENESTRA Brati...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/?v=visibleShoplist14&u=%2Fjs-content%2Fprepare-data%2Fhp-category-shop-tiles%2F&p=1800&c=category-14-shop-tiles-prepend&d%5Bcategory_id%5D=14&d%5Btype%5D=visible&d%5Bshops_in_line%5D=6&m=before

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/js/joined/external.min.js?t=4f35792ce4fe6f4c5dde4c25919ef21d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a00:1298:801f::b , Slovakia, ASN5578 (AS-BENESTRA Bratislava, Slovak Republic, SK),

Reverse DNS

Software

nginx / Hyperia

Resource Hash

837206ebf6e62ede22e73028f6086e3cf47af7719e15721650d7bc42e5cf5f41

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.oferlo.com.ua/
X-CSRF-Token: hLBfxMAWCi7ZijpMb6jB_8ZAiwic2voVNR0BMT5IOXr-g2mxtVlodKDvc3QI65GTvC3cUOivrydMaUN_fT1_HQ==
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-proxy-cache: MISS
date: Wed, 19 Oct 2022 06:34:48 GMT
strict-transport-security: max-age=10; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-encoding: gzip
x-proxy-date: Wed, 19 Oct 2022 06:34:48 GMT
x-powered-by: Hyperia
x-proxy-date-now: Wednesday, 19-Oct-2022 06:34:48 GMT
x-upstream-backend: letakomat-ams-w033
content-length: 454
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 19 Oct 2022 06:34:48 GMT
server: nginx
x-frame-options: DENY
report-to: []
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
x-proxy-cache-type: a30m

GET
H2 200 / Show response
www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/ 2 KB
2 KB 1713ms
1711ms XHR
text/html 2a00:1298:801f::b
AS-BENESTRA Brati...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/?v=visibleShoplist12&u=%2Fjs-content%2Fprepare-data%2Fhp-category-shop-tiles%2F&p=1800&c=category-12-shop-tiles-prepend&d%5Bcategory_id%5D=12&d%5Btype%5D=visible&d%5Bshops_in_line%5D=6&m=before

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/js/joined/external.min.js?t=4f35792ce4fe6f4c5dde4c25919ef21d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a00:1298:801f::b , Slovakia, ASN5578 (AS-BENESTRA Bratislava, Slovak Republic, SK),

Reverse DNS

Software

nginx / Hyperia

Resource Hash

019e5ef4eae6526b7df9b7119715ece680f8a207b20742c38b8a73ab8f135c50

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.oferlo.com.ua/
X-CSRF-Token: hLBfxMAWCi7ZijpMb6jB_8ZAiwic2voVNR0BMT5IOXr-g2mxtVlodKDvc3QI65GTvC3cUOivrydMaUN_fT1_HQ==
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-proxy-cache: MISS
date: Wed, 19 Oct 2022 06:34:49 GMT
strict-transport-security: max-age=10; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-encoding: gzip
x-proxy-date: Wed, 19 Oct 2022 06:34:48 GMT
x-powered-by: Hyperia
x-proxy-date-now: Wednesday, 19-Oct-2022 06:34:49 GMT
x-upstream-backend: letakomat-ams-w034
content-length: 445
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 19 Oct 2022 06:34:49 GMT
server: nginx
x-frame-options: DENY
report-to: []
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
x-proxy-cache-type: a30m

GET
H2 200 / Show response
www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/ 1 KB
2 KB 871ms
870ms XHR
text/html 2a00:1298:801f::b
AS-BENESTRA Brati...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/?v=visibleShoplist15&u=%2Fjs-content%2Fprepare-data%2Fhp-category-shop-tiles%2F&p=1800&c=category-15-shop-tiles-prepend&d%5Bcategory_id%5D=15&d%5Btype%5D=visible&d%5Bshops_in_line%5D=6&m=before

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/js/joined/external.min.js?t=4f35792ce4fe6f4c5dde4c25919ef21d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a00:1298:801f::b , Slovakia, ASN5578 (AS-BENESTRA Bratislava, Slovak Republic, SK),

Reverse DNS

Software

nginx / Hyperia

Resource Hash

c6c7f3ffc0deb34af0f7c06c3610b4c6736993258ea2189658735f42dd251e51

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.oferlo.com.ua/
X-CSRF-Token: hLBfxMAWCi7ZijpMb6jB_8ZAiwic2voVNR0BMT5IOXr-g2mxtVlodKDvc3QI65GTvC3cUOivrydMaUN_fT1_HQ==
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-proxy-cache: MISS
date: Wed, 19 Oct 2022 06:34:48 GMT
strict-transport-security: max-age=10; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-encoding: gzip
x-proxy-date: Wed, 19 Oct 2022 06:34:48 GMT
x-powered-by: Hyperia
x-proxy-date-now: Wednesday, 19-Oct-2022 06:34:48 GMT
x-upstream-backend: letakomat-ams-w013
content-length: 404
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 19 Oct 2022 06:34:48 GMT
server: nginx
x-frame-options: DENY
report-to: []
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
x-proxy-cache-type: a30m

GET
H2 200 / Show response
www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/ 2 KB
2 KB 525ms
523ms XHR
text/html 2a00:1298:801f::b
AS-BENESTRA Brati...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/?v=visibleShoplist16&u=%2Fjs-content%2Fprepare-data%2Fhp-category-shop-tiles%2F&p=1800&c=category-16-shop-tiles-prepend&d%5Bcategory_id%5D=16&d%5Btype%5D=visible&d%5Bshops_in_line%5D=6&m=before

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/js/joined/external.min.js?t=4f35792ce4fe6f4c5dde4c25919ef21d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a00:1298:801f::b , Slovakia, ASN5578 (AS-BENESTRA Bratislava, Slovak Republic, SK),

Reverse DNS

Software

nginx / Hyperia

Resource Hash

3b5c2abc10ad805c4de0200f2e6a6dfdd82460db05e3145a169e7767d17d534a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.oferlo.com.ua/
X-CSRF-Token: hLBfxMAWCi7ZijpMb6jB_8ZAiwic2voVNR0BMT5IOXr-g2mxtVlodKDvc3QI65GTvC3cUOivrydMaUN_fT1_HQ==
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-proxy-cache: MISS
date: Wed, 19 Oct 2022 06:34:48 GMT
strict-transport-security: max-age=10; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-encoding: gzip
x-proxy-date: Wed, 19 Oct 2022 06:34:48 GMT
x-powered-by: Hyperia
x-proxy-date-now: Wednesday, 19-Oct-2022 06:34:48 GMT
x-upstream-backend: letakomat-ams-w023
content-length: 459
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 19 Oct 2022 06:34:48 GMT
server: nginx
x-frame-options: DENY
report-to: []
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
x-proxy-cache-type: a30m

GET
H2 200 / Show response
www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/ 2 KB
2 KB 284ms
282ms XHR
text/html 2a00:1298:801f::b
AS-BENESTRA Brati...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/?v=visibleShoplist17&u=%2Fjs-content%2Fprepare-data%2Fhp-category-shop-tiles%2F&p=1800&c=category-17-shop-tiles-prepend&d%5Bcategory_id%5D=17&d%5Btype%5D=visible&d%5Bshops_in_line%5D=6&m=before

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/js/joined/external.min.js?t=4f35792ce4fe6f4c5dde4c25919ef21d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a00:1298:801f::b , Slovakia, ASN5578 (AS-BENESTRA Bratislava, Slovak Republic, SK),

Reverse DNS

Software

nginx / Hyperia

Resource Hash

8df4fab5171a5708bb0e27d5c3b6a1d67dbe5a266851726dff167a2a7e03673e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.oferlo.com.ua/
X-CSRF-Token: hLBfxMAWCi7ZijpMb6jB_8ZAiwic2voVNR0BMT5IOXr-g2mxtVlodKDvc3QI65GTvC3cUOivrydMaUN_fT1_HQ==
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-proxy-cache: MISS
date: Wed, 19 Oct 2022 06:34:48 GMT
strict-transport-security: max-age=10; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-encoding: gzip
x-proxy-date: Wed, 19 Oct 2022 06:34:48 GMT
x-powered-by: Hyperia
x-proxy-date-now: Wednesday, 19-Oct-2022 06:34:48 GMT
x-upstream-backend: letakomat-ams-w014
content-length: 451
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 19 Oct 2022 06:34:48 GMT
server: nginx
x-frame-options: DENY
report-to: []
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
x-proxy-cache-type: a30m

GET
H3 200 OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js Show response
pagead2.googlesyndication.com/bg/ Frame E04B 36 KB
16 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38b64cc14b9729f7f940791680967901ca67f5eccfe7c3f1afdf01bdf5030841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:20:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40458
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16062
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 19:20:30 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 174ms
64ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.oferlo.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 172ms
62ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.oferlo.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/ Frame 80DF 10 KB
4 KB 54ms
53ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.oferlo.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 17802
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 01:38:06 GMT
etag: 9671129459699598864
expires: Wed, 02 Nov 2022 01:38:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 80DF 4 KB
636 B 180ms
71ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 19 Oct 2022 06:34:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 19 Oct 2022 04:49:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Oct 2022 06:34:48 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 80DF 205 B
743 B 170ms
54ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 03:36:46 GMT
x-content-type-options: nosniff
age: 10682
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 19 Oct 2023 03:36:46 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 80DF 604 B
694 B 172ms
56ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 04:00:51 GMT
x-content-type-options: nosniff
age: 9237
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 19 Oct 2023 04:00:51 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/elements/html/ Frame 80DF 19 KB
8 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a091a670b6bf03510fc7a1b3c74a417c4a8c8937f7fb0c9a1517a95bdd7ab18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 00:15:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22754
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8235
x-xss-protection: 0
server: cafe
etag: 7715946797152839796
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Nov 2022 00:15:34 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame F6FC 118 KB
40 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9852978551050334301/index.html?e=69&leftOffset=0&topOffset=0&c=XcPQ9vDq7O&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9852978551050334301/index.html?e=69&leftOffset=0&topOffset=0&c=XcPQ9vDq7O&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 11:10:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69871
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 19 Oct 2022 11:10:17 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 7700
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1210663/66362802/skeleton.js?ias_dspID=3&ias_campId=1009183564&ias_pubId=pub-1447540957213601&ias_chanId=1&ias_placementId=18583666738&bidurl=https://www.oferl...
https://static.adsafeprotected.com/skeleton.js

17 B
464 B

58ms
57ms

Script
application/javascript

2600:9000:223f:ca00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=6019623105&adk=760889125&adf=1610234907&pi=t.ma~as.6019623105&w=300&fwrn=4&fwrnh=100&lmt=1666161286&rafmt=12&format=300x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rh=600&rw=300&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666161286270&bpp=2&bdt=434&idt=441&shv=r20221017&mjsv=m202210120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=543909112797&frm=20&pv=1&ga_vid=159357337.1666161287&ga_sid=1666161287&ga_hid=2086608127&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31069178%2C31070367%2C31070385%2C31068919&oid=2&pvsid=3284389028113511&tmod=1231347606&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Co81CKHke9&p=https%3A//www.oferlo.com.ua&dtd=448
Protocol: H2
Server: 2600:9000:223f:ca00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 13:58:04 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 21227805
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: O3Lp4sIxxBJ5As8GCdUorQcBs0PTcx8D0okeCcsbOYE8RGVAhqIgUw==

Redirect headers

pragma: no-cache
date: Wed, 19 Oct 2022 06:34:48 GMT
server: nginx
x-server-name: app07.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 5262 91 KB
23 KB 65ms
64ms Script
application/javascript 2600:9000:223f:ca00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=6019623105&adk=760889125&adf=1610234907&pi=t.ma~as.6019623105&w=300&fwrn=4&fwrnh=100&lmt=1666161286&rafmt=12&format=300x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rh=600&rw=300&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666161286270&bpp=2&bdt=434&idt=441&shv=r20221017&mjsv=m202210120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=543909112797&frm=20&pv=1&ga_vid=159357337.1666161287&ga_sid=1666161287&ga_hid=2086608127&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31069178%2C31070367%2C31070385%2C31068919&oid=2&pvsid=3284389028113511&tmod=1231347606&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Co81CKHke9&p=https%3A//www.oferlo.com.ua&dtd=448
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ca00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2386712
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: _LyCYk0qSMQOXi4CarPEOnd6H_cS_CZc9XJ8czXvSpXdbaFpxGAWaA==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7700 43 B
215 B 422ms
129ms Image
image/gif 2600:1f18:1aca:4281:55a3:e8f2:eec4:5c99
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1210663&asId=e4761146-f845-c0b7-84b2-0f0d28fb760b&tv=%7Bc:rt8l9U,pingTime:-3,time:333,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:311%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:334,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:311,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B33~0%5D,as:%5B33~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tkGKXQF+11%7C12%7C13*.1210663-66362802%7C131%7C1321%7C133%7C14,idMap:13*,rmeas:1,rend:0,renddet:na,siq:312%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=6019623105&adk=760889125&adf=1610234907&pi=t.ma~as.6019623105&w=300&fwrn=4&fwrnh=100&lmt=1666161286&rafmt=12&format=300x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rh=600&rw=300&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666161286270&bpp=2&bdt=434&idt=441&shv=r20221017&mjsv=m202210120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=543909112797&frm=20&pv=1&ga_vid=159357337.1666161287&ga_sid=1666161287&ga_hid=2086608127&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31069178%2C31070367%2C31070385%2C31068919&oid=2&pvsid=3284389028113511&tmod=1231347606&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Co81CKHke9&p=https%3A//www.oferlo.com.ua&dtd=448
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:55a3:e8f2:eec4:5c99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 06:34:48 GMT
server: nginx
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7700 43 B
216 B 419ms
128ms Image
image/gif 2600:1f18:1aca:4281:55a3:e8f2:eec4:5c99
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1210663&asId=e4761146-f845-c0b7-84b2-0f0d28fb760b&tv=%7Bc:rt8l9W,pingTime:-6,time:335,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:335,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:311,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B34~0%5D,as:%5B34~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tkGKXQF+11%7C12%7C13*.1210663-66362802%7C131%7C1321%7C133%7C14,idMap:13*,rmeas:1,rend:0,renddet:na,siq:312%7D&tpiLookup=ao:www.oferlo.com.ua*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=6019623105&adk=760889125&adf=1610234907&pi=t.ma~as.6019623105&w=300&fwrn=4&fwrnh=100&lmt=1666161286&rafmt=12&format=300x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rh=600&rw=300&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666161286270&bpp=2&bdt=434&idt=441&shv=r20221017&mjsv=m202210120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=543909112797&frm=20&pv=1&ga_vid=159357337.1666161287&ga_sid=1666161287&ga_hid=2086608127&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31069178%2C31070367%2C31070385%2C31068919&oid=2&pvsid=3284389028113511&tmod=1231347606&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Co81CKHke9&p=https%3A//www.oferlo.com.ua&dtd=448
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:55a3:e8f2:eec4:5c99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 06:34:48 GMT
server: nginx
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7700 43 B
215 B 415ms
129ms Image
image/gif 2600:1f18:1aca:4281:55a3:e8f2:eec4:5c99
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1210663&asId=e4761146-f845-c0b7-84b2-0f0d28fb760b&tv=%7Bc:rt8la2,pingTime:-2,time:341,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1118,beZ:1120,mfA:1416,cmA:1417,inA:1418,inZ:1421,prA:1421,prZ:1425,si:1430,poA:1431,poZ:1443,cmZ:1443,mfZ:1443,loA:1453,loZ:1455,ltA:1459,ltZ:1459,mdA:1121,mdZ:1398%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:311%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:341,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:311,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B40~0%5D,as:%5B40~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tkGKXQF+11%7C12%7C13*.1210663-66362802%7C131%7C1321%7C133%7C14,idMap:13*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:na,siq:312,sinceFw:28,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=6019623105&adk=760889125&adf=1610234907&pi=t.ma~as.6019623105&w=300&fwrn=4&fwrnh=100&lmt=1666161286&rafmt=12&format=300x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rh=600&rw=300&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666161286270&bpp=2&bdt=434&idt=441&shv=r20221017&mjsv=m202210120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=543909112797&frm=20&pv=1&ga_vid=159357337.1666161287&ga_sid=1666161287&ga_hid=2086608127&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31069178%2C31070367%2C31070385%2C31068919&oid=2&pvsid=3284389028113511&tmod=1231347606&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Co81CKHke9&p=https%3A//www.oferlo.com.ua&dtd=448
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:55a3:e8f2:eec4:5c99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 06:34:48 GMT
server: nginx
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/31/ 938 B
1 KB 113ms
61ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/31/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8425275b77f7ce018416241e85960821de53a5ed71761a1ae397b1a5e855336

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:48 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 02:46:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hbCC8Fs4nD4o8rvxaVX1AELnbDq0nM1R0KQ2mgDO7FRaTSXvCXYREOx9oCS57OISJIMUwZeVHOY%2FPT414%2FT3dUsWNoKg4SrkXeWpl4f3SqPTJxw89FoXQ2QEnjsgwi3h9%2BIFa8yJ7phwJf5Q4BhCDWfGluk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 75c77d73bd590696-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/3/ 2 KB
2 KB 115ms
63ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/3/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d0ec01d98e8a4dc98af6301e8f95b634f63a9256cff1f71d592fe267fe1ec9c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:48 GMT
cf-cache-status: HIT
last-modified: Tue, 27 Jul 2021 19:28:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q56Dipz%2FtQOl9SVaDPIWafx9NIVNfFDklwJJbfbyMrE%2BOZdeBKBL3DHdEy7PzUJ48jyLIi1%2FazsbU4U4Ak1HU5aEvImmdCAOyrRIuWgYPtgXBEl9O9pStOk89tuMe6EPUesX60tAF32OIIDsHRXcjX0qKo8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 75c77d73bd600696-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1648
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/4/ 1 KB
2 KB 138ms
85ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/4/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34ab7b6bae04a32fc40e9b91566b00a87306ede37dd72313499b831cef75b2c0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:48 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Nov 2020 15:28:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=smMzCA0Zslj6Ble20cs%2Bh7K13N7uanjxCYoT4bQuu5RNk2fTLgKwwAHfKJimoQhS%2F4iu97s2LLWZm0GYFSuaSxewHTj8dqscnh%2B2PNBjRueruaWptpe7Sy2HSnan6LKJ%2BB9REWZvLl0AAbamzVEh2ZyBE4I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 75c77d73bd610696-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1156
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/1/ 1 KB
2 KB 116ms
64ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/1/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c2516c4c455411caea0c64380b128f1b5f01afcee30dd17560d3da5c7699679

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:48 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Nov 2020 15:28:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VkkVqWozA5s7eq%2BwurEL8%2FHYMSticNwndaVd9TjkfQ%2F2jiiULo2sTeePl1syjl4eZtQQilYsWYv5k4hYA%2B6%2FnjlS7jy4ul5KkGrpDuMkpk%2B6NkVXHMEoitLJ6HnvnvtynwKC3xA3JQ1IDYVObyj1zJPOh4I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 75c77d73bd630696-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1056
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/2/ 1 KB
2 KB 114ms
63ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/2/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b00616261a0df3574dfc8b4c0e0403d62121d1bc83b45744fe2c76c5252095e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:48 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 02:18:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HxhKugwHgDQjBckDKESC0oHNeFs%2BzhE0oyk%2Boxl%2Bzr4RKqVezj6Z4wzfKd%2BHuwA8gLFFYIyu56cx2phdmP3vc%2FIwdg42l%2B3lC0sN8Grmo8U95OEDJzI%2FUru%2BjLkGtv0D7YYRH7SM1FONcYzcqtD7RKq5q5U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 75c77d73bd5a0696-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/9/ 990 B
1 KB 112ms
61ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/9/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21b177a40aba940d7cdbaa62174e671bf2f02af901978167753fdcfce2be9101

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:48 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 03:41:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WFdsy2hj79LAYbHkjFbztC7HRhqPEr9bO%2BPMDMTjSdM9xTAgXKEnebbh%2FNtwH%2Fj4fRvjUTd1fscjyyk2ubKuzLwS1ulSyyBtDWH%2BOgQ5McnBv5WCEUAI4RF%2FzWq5kNejD514ok7UtP31gsmIFU%2FSwdI9KkA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 75c77d73bd5b0696-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/8/ 1002 B
1 KB 114ms
63ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/8/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df94118151425d11320f6fb3958f309162e9556cf48af223f66421c6a3c8e456

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:48 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Nov 2020 15:28:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NSqMGeNyQ%2BCSdWimyzx6u359eS7B1aAC%2BIbFZ79GqFPcQ3MhyrVHNuu3HRKosY6LS2haxj7RM13Bjmg%2F%2BeG%2BuWXpF3ngrDq329zDAKFAKMH2GfpVVOnSKXS9bPq%2FlNq3vS0V53%2FyNuWjvpIoH%2BA%2BvoGpggQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 75c77d73bd5c0696-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1002
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/32/ 724 B
1 KB 110ms
59ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/32/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e7e7d97399e03e24a55f3b6218e69ffd2ce957eca70aee8b854b6aa33366402

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:48 GMT
cf-cache-status: HIT
last-modified: Wed, 13 Jan 2021 12:58:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4eoWeqhNv9Z5VJrljtByoDtAcHsVMXF8HTMFDA%2FY6StqEBnARBsg8uVxrL2n2Yv3Tp0eFN5kNlHZNjqd0xQl1fVVdLOI2vzBpAn1Q21ULxq5itk1oHGWaVs4wi5rgtgQ6gwJt%2BkSe2UE5H5PuDOqQeVrpHY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 75c77d73bd5e0696-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 724
expires: 31556926

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E04B 0
20 B 93ms
91ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BoSRkh5pPY_6CHfmE9u8PqeacqAwAAAAAOAHgBAI&bg=!xMelx4PNAAYeOJy_Pjg7ACkAdvg8WqbKg_UTR0W4PExkQNRPj0tc0Xu6Mdu-q_lPIUdjYsTWyF57rAIAAACMUgAAAAJoAQeZAsMm8Y7rcrWMJpAGK7GTR43kgqTmusCWGFAwZ9sUmH3JKFWrt5id-lEi3U_qtLKmvIV2VN8RNJ4kqYbhWgMucafIwjUZhF50IEIsmcbN6cMQhoy2rvY6zHNJhrn_pi_rnkGIx5L5afsYoAfCH9uJgY3m5y1_Tl38I2oGGI8nG0jnmRr0UfTnFUMlgJIANVfPagq3IyWOd33AuG6W_Zf9bFxZz55LgZcmxAfgckGkX-fWAcSfk5dtMH3lPiHxtxFk-VtY2e7Kjglwi_JRgJ1D0h1zIGgWb-jSnO_JpI1yrF1DQtVNxm07dCnbtnMWEKMQo45zwmuW-XYt-NRms6YguMosrbQrp13bIbqYOvx_ja72FoZ3_o5OIzNg9fjUI1gBu1KO2fbAZ__kgM5ITyR2xTRU6B_JxOt_ipbJynKQrdSnYmHvlSaTergcYQru1SRnaMO6kIhZXy-7zWd3JoZ2YSzLR4GiUgYfbcgU8by48fxMtX3nBVXVgOAY-zb2715al2ehxwORQkvcdYMJFXzAubaD0Gsi3yoPn0OO572oIhMGbov0ZBiwnGzGVbwUt8j1qfENLlXfhzYamgGoo4biBsK7jVkZ1YRaI_PGY1xVPb8c3USXivvWrdVMdpZ_t21VFH_xl6JN2cfma5GqAfzQBcSQIR3hQHjH12db233smZDffwQu4bjhM1PznECPr8ah-ScxF6vzB3Gr6JI2lIgT-c4Jp3x5IqN5wakAiOYqJAJvq_XswWkPcNtWHz6148oKW3_uZTC6x-N_DxmMlVHvMemLpDYrpZGZ2oUYTlYzHPQ28pxRnAdhnF5js77NfmaQ39yx49woWfmEyVTH2lv6rfIOufSJj_gAnV1FGluCfZwJwkLefpFxlWQYHDOIwzWW3OzfivpG9dhfMZ4_wqt6fHdnOipULUM1jFL5lImwbxDsEpPwVg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 06:34:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7700 0
26 B 93ms
92ms Ping
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvIuA0aJ-XqoxyPMIMWYMlWDmgJ54IwKI19wgRNMgr4_wIkCXlqH954aNyE_3tC7vcGVI9AHfuZZRu5D03Ly2MmNUHsDsyen3FzQr_lJq0RRqjcljguAhbmEFGWgcS7F7dVZ9NtfpzXlSWNWClwiMsSoqUsdG_s-ZE5NOu2NEp-jABSXlu2bsIQ2VOvLdXIuvSotnjVus2lO0oW5lzxMC9am2dLiRz2Bb6qDGkWDzjSzb3lxk5TUNkWnvDJSiAVTGNLrQ96mW1pVD5YGIwN3aeBcxoF4IsU-E7taueUEEg121oPM6KH8SYVMus4Bjmlss2SCU1TkS-4kjXlp9bvsXpU0Wi1Rk2xe1sOwIaLnFnAKKxGS0oSa3UdyF8GKth6HVB8OGrOtWYOjiaPhRzOrFH4hv1DHdIEx0yhPs-zDO6GCSdZlWppoAANK7BytOoJN0rN4I4fmC5Bw8X3URQGu1eKwwymdysA06GwsdLfjfILBjiidqMTFfYY1Mhh14NcZdlF4biv_wL6L1MXPYjvTg_zqIpbU93vK5uUlreOSYadAc6tLYcbK1QTs9u8Lv8qkU8M1vcLprtA2oPdqYSJCCRxYfBCksiAkKenY1x9pDaYxOGPt0v-Qxwox9wjDxcJAFYPZqYKvmeYexIei6kLuoddU-m75BH344Y0ThRjnEsxLsgsaM2DViqbdSVxFp0zwDnTaGN3Ck17lr1dGBNFcwxM1zu811AhiU4NfHIq7ZEM0vMwVNb-LFWQFVO-emJQGnS3nXARkvV4C3uGJ67-76mMBRjattQ0LmEZarAngV1mBlX3KFtgJ8d1tfLAPbbO6NEgieNUh5rBNG_cbZSApwfT-EcpmytX4Nwp87LUr0ZNLfArcDHENK8At2N0GesDxZuy6dH-OZiNIWnB5m6j4RXBmSQ4ljh7XxQ11FndzB1ZcQtXhqmYPwG9RH0vr4PKIQfFyLvi6y9doZBlKaoH4o1zTTRJI4iO9UrRGvW0hvVzns0R9OC9xmypLYbkdTyk0l6HQUChgE8p_NN-Xw20eoXxAuGqaxyBNP2I6L8b3j3NRhf72ddOlgPkFGvS2VPCjlYUuv6tje4d3Sb0oqIPcdpOKz_jjor-Vl3CaFGs-YilTdbLd-9--v0fFvrz4QLVzCc5L8v0dUhcfGaUNVqZ6MRKnJNEztNKbQGksGXJAwM-NU5ZqxO78VrV0A&sai=AMfl-YQoVW-MFthSoB68e-c5SGyt-y7Y8rhPxilv299iw8BAsaym13T-jOwqm5SuKwm7-J6Ge3S5xEsxM2_znpONNugrXuQi1iSp7fT-r5gxegAktf5oL3NTGhanfhrNnpiuGd1FFQLB3baZaHkjN4FpO7v6sEsUNbE1GCGvbSzCUUbuBBZqocAyHaKOUA&sig=Cg0ArKJSzGSAeM52gTyPEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=684&vt=11&dtpt=357&dett=3&cstd=321&cisv=r20221017.74637&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 cc2fa6f05f6b7ab36f626f2501931c3a.js Show response
www.gstatic.com/mysidia/ Frame C5BC 10 KB
4 KB 165ms
54ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cc2fa6f05f6b7ab36f626f2501931c3a.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5b7440eb01b4db530c8b12650e39b4a3bfb1b49b7518c76b08bb6e8b8434a2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 06:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 432783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4312
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 23:46:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 06:21:45 GMT

GET
H3 200 f3a21094426edb3d7317c372068cd6cc.js Show response
www.gstatic.com/mysidia/ Frame C5BC 150 KB
56 KB 166ms
57ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f3a21094426edb3d7317c372068cd6cc.js?tag=gpa/dynamic_fig_web_banner_v2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cdff57de636e802298546b0802f12f48846f38ff653de02c9cf44aa239390cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 07:39:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 428092
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57284
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 06:02:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 07:39:56 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C5BC 4 KB
816 B 66ms
66ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44f07f8c8a8443be7f8461bcfeb542cdf4e4981e23754e37cc9029c5178fa36c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 19 Oct 2022 06:34:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 19 Oct 2022 06:34:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Oct 2022 06:34:48 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame C5BC 2 KB
902 B 55ms
53ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 21:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32063
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 21:40:25 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/ Frame C5BC 23 KB
9 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 21:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32063
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9571
x-xss-protection: 0
server: cafe
etag: 15799940544776262544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 21:40:25 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame C5BC 3 KB
1 KB 65ms
63ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:23:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40269
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 19:23:39 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame C5BC 17 KB
7 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 21:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32063
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 21:40:25 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C5BC 152 KB
46 KB 186ms
76ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 19 Oct 2022 06:34:48 GMT

GET
H3 200 1d54d8cacad5994e062108e03542c880.js Show response
www.gstatic.com/mysidia/ Frame C5BC 33 KB
13 KB 161ms
54ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1d54d8cacad5994e062108e03542c880.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 06:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 432783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 10 Oct 2022 20:37:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 06:21:45 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F6FC 7 KB
6 KB 178ms
68ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eed43d65a3c9a25197aba3db157caef0a438440a5fcbe6d90b2c8eacbae7c6b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5649
x-xss-protection: 0

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/16/ 786 B
1 KB 80ms
79ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/16/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62f16f58885de373ce052a72b68ae407a049b3037a4324a04043a42fdac99460

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:48 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 02:44:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=29%2FmLBGsv%2FykNTsqL9mpZprQLaoawhOt4ImKOOy7ISIDItiLKqR47zSWob64L%2Fx3SssGVC%2B%2Bv9OQW2XFwh4dwLQ4seEK6RdBWZA2VjsLmZV53SlAEyayYuVRG3ow3vVaM3snqbpEih6QZOe3HDJ5Bo7gzxk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 75c77d745dcd0696-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/17/ 824 B
1 KB 62ms
61ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/17/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f22966b13e75ab8fda4c46107f7de87998e445e7b37e377a03a9b5beab88b9b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:48 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 02:21:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GES1SY%2BQdyzYoyGePJ54ZXO18CkzGfmR1%2B1haBREvk00MV%2FVJMvWfnaz4ycC4AgdYH8K7u6BxZzH4aa3GHRhZFxkb8JF67AhEPJLZOjpVWF4lz4HVywaBXYugz%2Bs1nigejHkEwKm5%2BsXjb0WvL4ZBq5BQMQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 75c77d745dce0696-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/15/ 1 KB
2 KB 73ms
72ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/15/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f43e35c9c59892abc041c104628f994df6c53ab6364055fa42821c1122a618e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:48 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 02:18:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BVY92d%2F04kdYyob6dV9x2%2Fg%2F6GWyjKwRo%2FGwZho2BB2M8Jh9G782jj6afdLoyXqDuITxdyaXHBxcoDT9ORzDqGXenrnhUaFgChJxVehHzFWIv2y%2FIWVyyg9usKkS5unV2UhAZDI4BXa%2FDvHt31r1ZOkHo9M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 75c77d745dd00696-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/14/ 796 B
1 KB 69ms
68ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/14/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a049edfff9507adba029091a9ef66a3017d290cb2d81bb96af6ce86161882192

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:48 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 03:03:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FrCJLLASp3EGllvI2R%2BpJGaOo9sLOnrjpQvUutWPWkVWjmFqJxl%2F0JId0RCNeKVo6JqRhsPbQqJh0CAGZyQv2kteu6hxcD1VMmAgQq6rjTjsc9y82A8dwWXzQEW5aW740g9uqBzrMu7UJSC0DAsVh1K1%2BXk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 75c77d745dd20696-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/18/ 622 B
1 KB 65ms
64ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/18/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7626318acfbe6eec5abc99f2cc5778703edd1f90463af85d4cbedd693faa114b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:48 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 02:11:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9amJoUs%2BzY5mz%2Fx8FNlMO%2BcNdEKH859bRYglLQ2Z6Hl6S3b9Hs83KJQHqvx1WFTYztaKODvgNujYc1i5isdacQEuoeflYm7DbVJ%2FRTIat2OeCge0krL2L704FNEfwZg08WFcCpApE3X0aJgmJGr7FW8%2Fv%2Bk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 75c77d745dd50696-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7700 43 B
215 B 219ms
129ms Image
image/gif 2600:1f18:1aca:4281:55a3:e8f2:eec4:5c99
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1210663&asId=e4761146-f845-c0b7-84b2-0f0d28fb760b&tv=%7Bc:rt8ldc,time:537,type:e,im:%7Bpci:%7Btdr:138%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:537,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:311,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B236~0%5D,as:%5B236~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tkGKXQF+11%7C12%7C13*.1210663-66362802%7C131%7C1321%7C133%7C14,idMap:13*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:312,sis:510%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=6019623105&adk=760889125&adf=1610234907&pi=t.ma~as.6019623105&w=300&fwrn=4&fwrnh=100&lmt=1666161286&rafmt=12&format=300x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rh=600&rw=300&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666161286270&bpp=2&bdt=434&idt=441&shv=r20221017&mjsv=m202210120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=543909112797&frm=20&pv=1&ga_vid=159357337.1666161287&ga_sid=1666161287&ga_hid=2086608127&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31069178%2C31070367%2C31070385%2C31068919&oid=2&pvsid=3284389028113511&tmod=1231347606&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Co81CKHke9&p=https%3A//www.oferlo.com.ua&dtd=448
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:55a3:e8f2:eec4:5c99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 06:34:48 GMT
server: nginx
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/24/ 786 B
1 KB 62ms
62ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/24/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33b77c3ebb0dfdb1386c077573297dc737b1e1e9e26f33186edd1c1bd7bd8972

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:48 GMT
cf-cache-status: HIT
last-modified: Tue, 27 Jul 2021 19:28:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CvxEkjHdj%2FE%2F2Vmm5nmIhXreZXcuMwnrGnn%2Bf98JmS9MRO%2B3GEydbnTs61UpRC7hWkpuxFr5R0nkYsT76SqCrIYuHY47vkfmXnKUznxdqqKfUilur5d%2FQDzSMrflB2yj19BmGPNo0x0LjcIikx1MKwj2KC8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 75c77d755ecf0696-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 786
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/25/ 1 KB
1 KB 65ms
64ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/25/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4253f77b0d96cf34bfcc0c2f8ade40886e3a60e5fd6d6531a66c848456437b03

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:48 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 02:46:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HMbzg5qL%2BTfIiwTLETUHyJaoKxWnvJDCV1SsxdPfQaAr7ztSn4OSMFsmDom2Q8iRhQZ36sIFPdoRIgFCWbvnoF6j5S76scQLjq5ZjOiOGx1XUJ75K52azuq7FQk95S%2Bk8c19cLxTAlr0WXPM2uNCtzSuzkY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 75c77d755ed00696-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/26/ 462 B
959 B 79ms
78ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/26/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 710cf1f76557948352e0a3bfdfbb71197ba6a984c9b73cb557f4a654113d7b70

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:48 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 02:20:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VV6koCu7ZndxtI1XJOqsI5p3RjMhlm0OWrNewHe5NGAX9RYSHPEgTEu7Eb3zjYBbnqhNXaaqDzscykN3zaOY91txqhVPYdb%2FDABQS52HM%2FQyPwwv661eylEC4XaMtcxIhePfe5FWqr6d%2FiwBXhztw1d5kfk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 75c77d755ed10696-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/38/ 548 B
1 KB 72ms
72ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/38/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d15f85d0aa8fe49a0ba11e1bcd2c4ad286c0ab1bc0452dec8c2fec9a446a6caf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:48 GMT
cf-cache-status: HIT
last-modified: Fri, 09 Apr 2021 06:58:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aenQCmDEDOpNyd%2BtvNs5r7lI0grOe83kx3r%2B1yWkT28gQi4tHSayYXIvCi6G0%2BxiGb6kq0E602Bc7IOf5le9a8AfZZHJiWxYTml1xbM0qwzlWGApj1ylBHhQt0X%2BRxctxaveoDsnDsfirTmJ44EfcZv%2BTrc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 75c77d755ed50696-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 548
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/39/ 552 B
1 KB 73ms
72ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/39/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97992093717fde367507473ba78c48117095bdd5eac32fa9b9c8144aa768e4d2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:48 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 03:13:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QCWdhB2MMP1y%2Bsy05sQ6BXXUKNdff%2F3u421B7PCC4bFDFRkfnDRZeDdVg%2BrdHCgTsDNh9jUQnsIbqTluv4PWLXNB1zYH1%2BU%2FHPBtuMScND%2BMkGaIj%2FtBDREPQnihw%2F51P5OSO7FJQMAaB1VsySSJLJTx7%2FM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 75c77d755ed60696-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/37/ 568 B
1 KB 68ms
67ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/37/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4f2d2cce0c47e7d116589c641a59f0ed79aa7db34f2e96257c7b4deadafcc2c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:48 GMT
cf-cache-status: HIT
last-modified: Fri, 09 Apr 2021 06:58:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LMN9Ctu%2BF1%2FcDR21kF4GCkIFfcjGIDrYwoEUT4OD9rirTbB64ftHVaNfzJvFYqfrx%2FTZQtEtaVW7jrpzWr9KFPF76lkf%2BcqQuXQg3c%2F2IPBoZHV1ZaddtFBnRdBSCRoIS3AddPHZbHEOEWvT588zhzLajuI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 75c77d755ed70696-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 568
expires: 31556926

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F6FC 17 KB
6 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 19 Oct 2022 06:34:48 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame C5BC 0
327 B 440ms
142ms Ping
image/gif 2607:f8b0:400c:c38::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l9f9eu7v&c=3125500848353&slotId=1562750424176.5&qqid=COeTkL3W6_oCFc_luwgd9CoEeA&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ssc&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f3a21094426edb3d7317c372068cd6cc.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400c:c38::78 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 06:34:48 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

14005133618456074320
tpc.googlesyndication.com/simgad/ Frame C5BC
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCXsMjb_gEQ3AYYwgMyCJoYbogAFYW3
https://tpc.googlesyndication.com/simgad/14005133618456074320

81 KB
81 KB

54ms
54ms

Image
image/png

2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14005133618456074320

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd4382e79b727cdc888bdfef1199b74f5b651781e957c8550d5dd4f7e1e5aaa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 14:22:06 GMT
x-content-type-options: nosniff
age: 317562
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82631
x-xss-protection: 0
last-modified: Tue, 10 Dec 2019 17:21:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 15 Oct 2023 14:22:06 GMT

Redirect headers

date: Tue, 18 Oct 2022 06:59:38 GMT
x-content-type-options: nosniff
server: cafe
age: 84910
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/14005133618456074320
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 17 Nov 2022 06:59:38 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7700 43 B
215 B 129ms
129ms Image
image/gif 2600:1f18:1aca:4281:55a3:e8f2:eec4:5c99
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1210663&asId=e4761146-f845-c0b7-84b2-0f0d28fb760b&tv=%7Bc:rt8lgR,pingTime:-10,time:764,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTkuMC40ODQ0LjUxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1666161288601%7C%7C967cac14448deaf68050e341b497ad1b%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7Ca5d8ed7975828e5b19af834fc1179f43%7C%7C94a492f97a851fcfc758774e4b199224%7C%7Ca97d94859491d3f4ecc21f01aa128abd%7C%7C1e967725d87e3545ab99271613ab714c%7C%7C09d0b277855be0b539ab8d6a12290755%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=6019623105&adk=760889125&adf=1610234907&pi=t.ma~as.6019623105&w=300&fwrn=4&fwrnh=100&lmt=1666161286&rafmt=12&format=300x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rh=600&rw=300&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666161286270&bpp=2&bdt=434&idt=441&shv=r20221017&mjsv=m202210120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=543909112797&frm=20&pv=1&ga_vid=159357337.1666161287&ga_sid=1666161287&ga_hid=2086608127&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31069178%2C31070367%2C31070385%2C31068919&oid=2&pvsid=3284389028113511&tmod=1231347606&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Co81CKHke9&p=https%3A//www.oferlo.com.ua&dtd=448
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:55a3:e8f2:eec4:5c99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 06:34:48 GMT
server: nginx
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3

206

videoplayback
r1---sn-4g5edndr.gvt1.com/ Frame C5BC
Redirect Chain

https://redirector.gvt1.com/videoplayback?id=f6898d4affc36e27&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1666168487&sparams=ip,ipbits,expire,id,...
https://r1---sn-4g5edndr.gvt1.com/videoplayback?id=f6898d4affc36e27&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1666168487&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,m...

1 MB
1 MB

170ms
54ms

Media
video/mp4

2a00:1450:4001:24::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5edndr.gvt1.com/videoplayback?id=f6898d4affc36e27&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1666168487&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=5E17A84898180F04CDB35E3CF3BBF8B2BCAB4162.48727ACEBA84F2FBE48001473E0D14C2219C4FC8&key=cms1&cms_redirect=yes&mh=B4&mip=2a01:4a0:2c::8&mm=28&mn=sn-4g5edndr&ms=nvh&mt=1666160634&mv=u&mvi=1&pl=29

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

2a00:1450:4001:24::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

c4851949856c9f67775f07033e8f7a8524ff9cb4b7cd852a3513706d71231533

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

client-protocol: quic
date: Wed, 19 Oct 2022 06:34:48 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 Oct 2022 23:42:03 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-1451422/1451423
cache-control: private, max-age=6899
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1451423
expires: Wed, 19 Oct 2022 06:34:48 GMT

Redirect headers

pragma: no-cache
date: Wed, 19 Oct 2022 06:34:48 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r1---sn-4g5edndr.gvt1.com/videoplayback?id=f6898d4affc36e27&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1666168487&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=5E17A84898180F04CDB35E3CF3BBF8B2BCAB4162.48727ACEBA84F2FBE48001473E0D14C2219C4FC8&key=cms1&cms_redirect=yes&mh=B4&mip=2a01:4a0:2c::8&mm=28&mn=sn-4g5edndr&ms=nvh&mt=1666160634&mv=u&mvi=1&pl=29
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 701
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js Show response
pagead2.googlesyndication.com/bg/ Frame 955D 36 KB
16 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38b64cc14b9729f7f940791680967901ca67f5eccfe7c3f1afdf01bdf5030841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:20:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40458
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16062
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 19:20:30 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/9852978551050334301/ Frame F6FC 8 KB
8 KB 55ms
54ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9852978551050334301/cta.png

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00c9321faab83b2ae63bf477248f22a77ecb78da0ace4f41d1065bc2ab446ee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9852978551050334301/index.html?e=69&leftOffset=0&topOffset=0&c=XcPQ9vDq7O&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 15:20:18 GMT
x-content-type-options: nosniff
age: 400470
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8517
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 15:36:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 14 Oct 2023 15:20:18 GMT

GET
H3 200 finale.jpg
s0.2mdn.net/sadbundle/9852978551050334301/ Frame F6FC 154 KB
154 KB 56ms
55ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9852978551050334301/finale.jpg

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01267ad6029d5900a02ad968d4f56b102a47cd657c2dc94d30af15d80a6405f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9852978551050334301/index.html?e=69&leftOffset=0&topOffset=0&c=XcPQ9vDq7O&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 15:20:18 GMT
x-content-type-options: nosniff
age: 400470
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157997
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 15:36:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 14 Oct 2023 15:20:18 GMT

GET
H3 200 SpriteSheet_300x600.jpg
s0.2mdn.net/sadbundle/9852978551050334301/ Frame F6FC 557 KB
557 KB 72ms
71ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9852978551050334301/SpriteSheet_300x600.jpg

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

063cf29ea5291058d42ba4e5a24b8d544e3bc00e80c1cfe9dc0d226c4628cef3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9852978551050334301/index.html?e=69&leftOffset=0&topOffset=0&c=XcPQ9vDq7O&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 15:20:18 GMT
x-content-type-options: nosniff
age: 400470
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 570412
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 15:36:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 14 Oct 2023 15:20:18 GMT

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/29/ 776 B
1 KB 71ms
70ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/29/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c897fcfa6be72e2bf55770711a1f26dab4095d209ca4cc92b65cba0f0ea0b83

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:48 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Nov 2020 15:28:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y7uFAwbzQYH6IGdr8lIZLeTA8hqnHVdHOKG8twMfSzdF6PiEAYODTFfHT6v8KndIb%2B%2FES5JyV61hgmUCDbJQx8%2B%2BIniuroo6Dxttj7aWQo3OwFHQDXsXDVydtfFsUSIzoa5Qaqczm8dpaB02P0necF4vLdI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 75c77d7789120696-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 776
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/11/ 824 B
1 KB 64ms
63ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/11/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f50ed9c3c87ec6211e8cefe2c82e05d2e89f75991ed6fdc0b9607449db7dd777

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:48 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Nov 2020 15:28:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XEmlbp5N3R19Cl4bZXp3VLI4UvENLHzSsT8vKxNw739pMOEQ4mC2t75%2Bwsl7ZbMWAPqjAbi%2BnXZ9g8kx2grtQqzXwZT8Qno23ZkIs91dmbM4guWe1mjWs0wVrWTmt%2BmnSR%2FTJYNP0VsUTLKFyey1NzlJB9w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 75c77d7789130696-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 824
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/12/ 498 B
1002 B 68ms
67ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/12/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0674a525618751a642fe4baa693ff34b3c0580a13624da212f9d61300916b76a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:48 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Nov 2020 15:28:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1JNzeGAyOzXl%2FaU4N%2BOLaEKEjBhvwJinFcNjLPbNqEvrctm66Lpjp75OJCdOFyHRxH6ICyGUrLr0UWKoq14W7sZLGNLGKNqD1OcXUqzjhGc5TEtZ6miri%2FPw1eMkc8OWEJKNhpwvnhYCwwX5KcpblYc0kBk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 75c77d7789160696-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 498
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/28/ 828 B
1 KB 60ms
60ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/28/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6c0fd70405f944e0d310f7ee9e16249c00f136832d2eef24207a29b92a42bac

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:48 GMT
cf-cache-status: HIT
last-modified: Tue, 27 Jul 2021 19:58:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZeCLEFCPLP6TcqkYcCmZk4m41S0XA5Eg6XL9L1BaNemd%2FXFLpX3vggUMyjQDbaCzMIiURbZjCoiPdmYJFFaxZ0IBv5M1ZShACuK93rJNOhNq1CFC0Oz%2BBHATLCEXBTnvbdohdLUp0H1dqQjEuLFuHExDuJ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 75c77d7789170696-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 828
expires: 31556926

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7700 42 B
64 B 92ms
91ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv1p7zVkUzrL8ep8cAwAmp81mZR9USzH27sDad_a18tZqsJGHTvbpjEZQ_n20pX4ekdXruoXFqcwVvHguqb_OfQ8A_PmPf_4dFjVOmIsFmeIXxKGtu77Tpg7dDtf13m_0YmYXFSow&sai=AMfl-YSNHTZ7GRYIJBeWxW4zI67UdBZDeTjcvBhgAzGJF2KbqjVBYL7aH07r08EPVxxVtBZqIMXAO0fT0R7iH7U&sig=Cg0ArKJSzGi5_D4WWVUnEAE&cid=CAQSGwDq26N9BrAtKoceTROmTQNJpT3NaOBVewEugRgBIA4&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=760889125&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666161286719&rpt=1267&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 06:34:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 75ms
74ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221017&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

add35620970c221936e3b346c4028c5809edb5ec9404cdea9013a232d35dd464

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11117
x-xss-protection: 0

GET
H3 200 OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js Show response
pagead2.googlesyndication.com/bg/ Frame 0E03 36 KB
16 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38b64cc14b9729f7f940791680967901ca67f5eccfe7c3f1afdf01bdf5030841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:20:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40459
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16062
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 19:20:30 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 71ms
71ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 19 Oct 2022 06:34:49 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0C17 13 KB
5 KB 54ms
54ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.oferlo.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 6397
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 04:48:12 GMT
expires: Thu, 19 Oct 2023 04:48:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 14EE 783 B
535 B 67ms
66ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c9cbcd0258163a14eebffcfe03781814ec64cc7478467cd11187fe6dc164f6a5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wIvA8Ezz3C4zSYy3INnldw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.oferlo.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-wIvA8Ezz3C4zSYy3INnldw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 06:34:49 GMT
expires: Wed, 19 Oct 2022 06:34:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js Show response
pagead2.googlesyndication.com/bg/ Frame 0C17 36 KB
16 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38b64cc14b9729f7f940791680967901ca67f5eccfe7c3f1afdf01bdf5030841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:20:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40459
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16062
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 19:20:30 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 14EE 0
0 88ms
88ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221017&jk=3284389028113511&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0C17 0
10 B 54ms
53ms Image
text/plain 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?mNMuew
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/20/ 1 KB
2 KB 60ms
60ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/20/logo_ss.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d22520c085453857e822427f0f66d18d0c98986f6e1e40d6fa0fc7d44a657be

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:49 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Nov 2020 15:28:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=diQ4%2F1gaEYK5O8UgVzYvzOqSCt67XZTuHqKTDMML2Mr2vwLRlN0ZCK3z7w5V3MkDjz0wPVtHm%2FAF9RnWnBPzgYlcook%2BesYgQF89NQ0S8C%2F98WPYQmUD9f690p4dB%2BLkUMd6PDSpvSibRJbyhORR9gW1Mls%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 75c77d7cceb00696-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1146
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/21/ 838 B
1 KB 74ms
74ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/21/logo_ss.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc4c24faa867df9b33628fdb8aaf2d456e989750e4cda61f2418fee5d8b1c5cc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:49 GMT
cf-cache-status: HIT
last-modified: Tue, 27 Jul 2021 19:28:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zeyAnn8CbLHboSv9kmeOmyQFtZLRFpgs0HKu7IBgvWU2DLAw2j5Cw5Fakbc8ujX5zI4pgqID3eMC%2BHy%2FT8BJ134OeH%2FwiIvopTd1cb4PxxIqqniJHRZ8aGxVJeQHa4diti6DFDtByvmvkPcY9JqgGbOXIGE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 75c77d7cceb10696-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 838
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/19/ 918 B
1 KB 70ms
70ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/19/logo_ss.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a0574a1e7e1a1090b17dbf386399714e05f4afe8f09e15a3e5dbd58b435eb1b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:49 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Nov 2020 15:28:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=35%2BVFGvVYcPQXdJikfFVTUzMkW7i3MOARkufu1wZmvVRminKogaxOPH8xBBjmrWGe8BP8r0Mxb6AP32X7ObwowCT7JZpC9azSmCZykZMhQMbU9rYObj%2BP89sCTc5fGZDdtastRDF8kE9V8OhDwKa3OFnDt8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 75c77d7cceb20696-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 918
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/22/ 798 B
1 KB 66ms
65ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/22/logo_ss.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 914d089eacaecf6944ee46bec04ac11975c734f98ddbfc5750536c2adb23fce8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:34:49 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 02:44:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P1ItnrIp2XbH4uoIaT%2FmB60Td32EERfKtq22KihHfe%2FkE8AdRWcOe%2F3ElzIY32%2F81N3n%2FYtLzsZKRiR3FDg8uCb%2Bxnj59igBnggpZQPHgfGsJeHZIJUcvIA6pv%2BinY0kAi4winjVxMPPEF6RZjGCLsY%2FX%2FQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 75c77d7cceb40696-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 93ms
92ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221017&jk=3284389028113511&bg=!YmGlYSXNAAYeOJy_Pjg7ACkAdvg8Wsd3IucOd6J4l9jTq9ISc83wPLjOsdVwHNyRVxdC2fcxeyr8fgIAAABeUgAAAAloAQeZAqboNzJAcLkS_a3f1bp_FZ1vc6g_Jx6gOY8ECkQnhkSh1clZCgdEQQQLHo4ziAwZMkwlR_IYL0dPACjT2SWvuqHNn3nghJDodbF-cz7wVwAtZqiD2qOrfzS9gOWjWaPRz72o_ZreGWMrGh4BzLTRhlgf8KSnCqUAf2p9gIASrLnOoqQlrha0n71RFO-j6DIWq7GdJZO7hkRz2lqyPT7_fdd-twz0HaT5mfcic_HIx6xRA1UdrbpE2qvYNTf4TF7FYViKM_-wLLIvjVjFiCymRl4-9f3pOq8uTju4CqhnO2fZvsWmsEiVZ8KHRSoyUTfETJ75qoCsuEb_x16JAssn6gQ_a5r8Ep-9ho_7Kht3XhHdYzLyJC-FAzYvbih5LXlVpRAuvVJx6AuPx9oerutoi9dB9_vUUPDyOI4ff1kzBPpWuwGpodsQ7com4ANCSKwASEAhYkk23ulZLt17pLkrZ_3bSHngWVltivecgO6CFM52UarWhl7pSPCUaAiIsOqzHTrqfB-E5U4ZBBB7O6n80Zlb7MhieAxVKavrhSUAAEVWXpDyNsMkbFNxiMsRvx0GnUct-AKrQrOeaVBUVRgrL4-MsxeMclT_9IIuyfOAidn61wQx5yKejWhAoi7bYnZBiHz5F3NZRPUpyTGfdU6r4VSsatCzg9LEUXXpuDlgJYDIqCMwWi3faxanjwlxhrDkRRawYpYrcFnxBFgIpDF6_YGW3YmC2IHa0U0KBS0cGc9xsNvY1sC0IvpdEtXI8NRTlN6Tlt9eFJW9IAOwR_tu97ifCcm3_aRLU7__6_Iz5GDag_msuhf9zO8RvoDH45TJnkLb-uJGuP962SZEAhlmupslecsAE3xhqMi6yqpUuFF7ZNUzWXo6VL5mvUrUnBgAFKZgLlSMlf0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

POST
H3 204 csi
csi.gstatic.com/ Frame C5BC 0
17 B 434ms
142ms Ping
image/gif 2607:f8b0:400c:c38::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~l9f9eu82&c=3125500848353&slotId=1562750424176.5&qqid=COeTkL3W6_oCFc_luwgd9CoEeA&umsem=0&ple=1&ape=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f3a21094426edb3d7317c372068cd6cc.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:400c:c38::78 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 06:34:50 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7700 43 B
215 B 129ms
129ms Image
image/gif 2600:1f18:1aca:4281:55a3:e8f2:eec4:5c99
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1210663&asId=e4761146-f845-c0b7-84b2-0f0d28fb760b&tv=%7Bc:rt8lGV,pingTime:1,time:2380,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:311%7D,%7Bpiv:100,vs:i,r:,t:1379%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1379,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:311,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1078~0,0~100%5D,as:%5B1078~300.600%5D%7D%7D,%7Bsl:i,t:1379,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:139,fm:tkGKXQF+11%7C12%7C13*.1210663-66362802%7C131%7C1321%7C133%7C14,idMap:13*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:312,sis:510%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:55a3:e8f2:eec4:5c99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 06:34:50 GMT
server: nginx
x-server-name: dt11.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7700 43 B
215 B 132ms
131ms Image
image/gif 2600:1f18:1aca:4281:55a3:e8f2:eec4:5c99
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1210663&asId=e4761146-f845-c0b7-84b2-0f0d28fb760b&tv=%7Bc:rt8lGV,pingTime:1,time:2380,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:311%7D,%7Bpiv:100,vs:i,r:,t:1379%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1379,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:311,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1078~0,0~100%5D,as:%5B1078~300.600%5D%7D%7D,%7Bsl:i,t:1379,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:139,fm:tkGKXQF+11%7C12%7C13*.1210663-66362802%7C131%7C1321%7C133%7C14,idMap:13*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:312,sis:510%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:55a3:e8f2:eec4:5c99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 06:34:50 GMT
server: nginx
x-server-name: dt09.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7700 43 B
215 B 130ms
129ms Image
image/gif 2600:1f18:1aca:4281:55a3:e8f2:eec4:5c99
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1210663&asId=e4761146-f845-c0b7-84b2-0f0d28fb760b&tv=%7Bc:rt8mJr,pingTime:5,time:6380,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:311%7D,%7Bpiv:100,vs:i,r:,t:1379%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5001,o:1379,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:311,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1078~0,0~100%5D,as:%5B1078~300.600%5D%7D%7D,%7Bsl:i,t:1379,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:144,fm:tkGKXQF+11%7C12%7C13*.1210663-66362802%7C131%7C1321%7C133%7C14,idMap:13*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:312,sis:510%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:55a3:e8f2:eec4:5c99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 06:34:54 GMT
server: nginx
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7700 43 B
215 B 128ms
128ms Image
image/gif 2600:1f18:1aca:4281:55a3:e8f2:eec4:5c99
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1210663&asId=e4761146-f845-c0b7-84b2-0f0d28fb760b&tv=%7Bc:rt8mJr,pingTime:5,time:6380,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:311%7D,%7Bpiv:100,vs:i,r:,t:1379%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5001,o:1379,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:311,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1078~0,0~100%5D,as:%5B1078~300.600%5D%7D%7D,%7Bsl:i,t:1379,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:144,fm:tkGKXQF+11%7C12%7C13*.1210663-66362802%7C131%7C1321%7C133%7C14,idMap:13*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:312,sis:510%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:55a3:e8f2:eec4:5c99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 06:34:54 GMT
server: nginx
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Verdicts & Comments Add Verdict or Comment

228 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.oferlo.com.ua/	1969-12-31 23:59:59	Name: PHPSESSID Value: 7k06uo6je5ji22u2f1icrc4vj0
www.oferlo.com.ua/	1970-01-20 15:34:57	Name: SrvCch Value: 0
www.oferlo.com.ua/	1969-12-31 23:59:59	Name: _csrf Value: a5198aa772816c9bcf96caa9fa41c4d15c101759a8e62e639aa8cbe6415c7b16a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22z36uuObZyeI8gCPlzmWXtuU2ytBNCuFg%22%3B%7D
.oferlo.com.ua/	1970-01-20 08:58:57	Name: _gcl_au Value: 1.1.460534955.1666161286
www.oferlo.com.ua/	1970-01-20 15:34:57	Name: push Value: 0
.oferlo.com.ua/	1970-01-20 16:25:21	Name: _ga Value: GA1.3.159357337.1666161287
.oferlo.com.ua/	1970-01-20 06:50:47	Name: _gid Value: GA1.3.714097175.1666161287
.oferlo.com.ua/	1970-01-20 06:49:21	Name: _gat_UA-24834420-46 Value: 1
.oferlo.com.ua/	1970-01-20 16:10:57	Name: __gads Value: ID=945c8bd971068e24-2240f1344ace00a8:T=1666161286:RT=1666161286:S=ALNI_MZVWYnPNlMY7DDW3kvl-fBqeTm48g
.oferlo.com.ua/	1970-01-20 16:10:57	Name: __gpi Value: UID=00000b756560fff5:T=1666161286:RT=1666161286:S=ALNI_MbIZMvjf58kpWQCwbPvfUBurunRJg
.oferlo.com.ua/	1970-01-20 08:58:57	Name: _fbp Value: fb.2.1666161287039.878912607
.doubleclick.net/	1970-01-20 16:10:57	Name: IDE Value: AHWqTUnut82w5HYywQylR-9Y1Rr7ebyzGgZGrvJ8BoCRmCNFbePCShj2efe2i_wOPoU
.casalemedia.com/	1970-01-20 15:34:57	Name: CMID Value: Y0.ah5149MUuva2MKWlBtgAA
.casalemedia.com/	1970-01-20 08:58:57	Name: CMPS Value: 3184
.casalemedia.com/	1970-01-20 08:58:57	Name: CMPRO Value: 3184
.adnxs.com/	1970-01-20 08:58:57	Name: uuid2 Value: 7461383486563921314
.doubleclick.net/	1970-01-20 06:49:22	Name: test_cookie Value: CheckForPermission
.adnxs.com/	1970-01-20 08:58:57	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Hc'qLc7j!@wnfH8K6pQK`!5=E<L5?%KFe<@_)[QqfBj5A?N0-/FSdFile?pWV+c3/:g%nugO%v4VB%noI/8[#p

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'battery'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'layout-animations'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'oversized-images'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'wake-lock'.
security	warning	Message: Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: accelerometer, autoplay, camera, display-capture, document-domain, encrypted-media, fullscreen, geolocation, gyroscope, magnetometer, microphone, midi, payment, picture-in-picture, publickey-credentials-get, sync-xhr, usb, xr-spatial-tracking. Values defined in Permissions-Policy header will be used.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'battery'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'layout-animations'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'oversized-images'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'wake-lock'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
adservice.google.com
adservice.google.de
cm.g.doubleclick.net
connect.facebook.net
csi.gstatic.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eu001.leafletscdns.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
oferlo.com.ua
pagead2.googlesyndication.com
partner.googleadservices.com
r1---sn-4g5edndr.gvt1.com
redirector.gvt1.com
s0.2mdn.net
static.adsafeprotected.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.oferlo.com.ua
142.250.184.226
172.217.16.194
185.80.39.216
185.89.210.20
2600:1f18:1aca:4281:55a3:e8f2:eec4:5c99
2600:9000:223f:ca00:8:48e:53c0:93a1
2606:4700:20::681a:364
2607:f8b0:400c:c38::78
2a00:1298:801f::b
2a00:1450:4001:24::6
2a00:1450:4001:800::2003
2a00:1450:4001:802::2003
2a00:1450:4001:803::2002
2a00:1450:4001:809::2001
2a00:1450:4001:809::200d
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:810::200a
2a00:1450:4001:811::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2006
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::2008
2a00:1450:4001:831::200e
2a00:1450:400c:c1b::9c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.248.3.167
00c9321faab83b2ae63bf477248f22a77ecb78da0ace4f41d1065bc2ab446ee9
01267ad6029d5900a02ad968d4f56b102a47cd657c2dc94d30af15d80a6405f0
019e5ef4eae6526b7df9b7119715ece680f8a207b20742c38b8a73ab8f135c50
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
024754f345a6a79c18e7eb025a3e94a045d9460ab3be24380c9fc8ea71046dd3
063cf29ea5291058d42ba4e5a24b8d544e3bc00e80c1cfe9dc0d226c4628cef3
0647dd23fdf1707d1b853f6ad97b4ac492cce910767ad89514721bbc3f30abe6
0674a525618751a642fe4baa693ff34b3c0580a13624da212f9d61300916b76a
06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5
0acd59e18ef9ca4f55b04271a6121d58e6f7044ea91395054dd52d5caf2a7a55
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d9f243e38580effa8393e2fde8b1b6292b50af8653b8eb68a0fa5f4ae6a9d35
0ef1f9f33632ec6e27928d82e6f155d14605c07815630b6a4dfbf830464795bc
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
1c897fcfa6be72e2bf55770711a1f26dab4095d209ca4cc92b65cba0f0ea0b83
20b7ec5c587ce88329c10b1ab2f288ecd11dcd57e5716e90d6a957f8fddd3db6
21b177a40aba940d7cdbaa62174e671bf2f02af901978167753fdcfce2be9101
259b67aae500877eceb2ab41928696ff03aa65b25cfd298f668030b87db493cc
2f43e35c9c59892abc041c104628f994df6c53ab6364055fa42821c1122a618e
3103aae1122233d060f45c8743b9e23cbc32818a85948ae3abdc662ced54c171
33b77c3ebb0dfdb1386c077573297dc737b1e1e9e26f33186edd1c1bd7bd8972
34ab7b6bae04a32fc40e9b91566b00a87306ede37dd72313499b831cef75b2c0
3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45
38b64cc14b9729f7f940791680967901ca67f5eccfe7c3f1afdf01bdf5030841
39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101
3b5c2abc10ad805c4de0200f2e6a6dfdd82460db05e3145a169e7767d17d534a
41776392d13d8322de922768ec039f1743ec99d48eec5c0563373de1be04873a
4253f77b0d96cf34bfcc0c2f8ade40886e3a60e5fd6d6531a66c848456437b03
446bab4f19b463933ba69fc0c0ff5317bcef393fdcda0816e62b0a2b4aafeaa2
44f07f8c8a8443be7f8461bcfeb542cdf4e4981e23754e37cc9029c5178fa36c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d22520c085453857e822427f0f66d18d0c98986f6e1e40d6fa0fc7d44a657be
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4ec0965d6f95ca6b4ffa314e47e2fa159233e6652ca1d03ef77c94b0085f5c8f
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
510d71bfae8484c59b9b3bd6064b3edd0348bb79b3b448bc1093bc7a73265b6a
554142442a88e37f22023be8dc7347d530ec721e3571ac676c28a312d01c5334
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f16f58885de373ce052a72b68ae407a049b3037a4324a04043a42fdac99460
681edf17a7cf0e80c5117629eec2531bf0bfd77ec9f9a8308a1bc2edac88a275
6c237ef69dc2945873750c32aca11cea703949f7c0c2050d2a1615f3c9e04048
6cdff57de636e802298546b0802f12f48846f38ff653de02c9cf44aa239390cb
6f22966b13e75ab8fda4c46107f7de87998e445e7b37e377a03a9b5beab88b9b
710cf1f76557948352e0a3bfdfbb71197ba6a984c9b73cb557f4a654113d7b70
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
7626318acfbe6eec5abc99f2cc5778703edd1f90463af85d4cbedd693faa114b
77bded4f6447cc93370a65d50e1b1811e81e032aefd45d0acc952ceec49260c2
7c191e5ef9504ce2879aacd7dff8eaa160e68f7d136f9994a2087d43b35cccbb
7e7e7d97399e03e24a55f3b6218e69ffd2ce957eca70aee8b854b6aa33366402
837206ebf6e62ede22e73028f6086e3cf47af7719e15721650d7bc42e5cf5f41
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8839adadef045d6b6b96c08a1b266207c89339ea703a26b0f81ef3c657b807b0
8a091a670b6bf03510fc7a1b3c74a417c4a8c8937f7fb0c9a1517a95bdd7ab18
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b00616261a0df3574dfc8b4c0e0403d62121d1bc83b45744fe2c76c5252095e
8c4930584b07df39cc843c3f2c763d1f2a7caeef0089dc94b7074cdabf95f86a
8cf4140305db6473492b7bce8c789d33bcc9a862f9d2d7fce40b115edb31683a
8deb39369e6d0f8e8673167efaa73bc4ef9759ba4a5432ab5fa362d0c9b11ca4
8df4fab5171a5708bb0e27d5c3b6a1d67dbe5a266851726dff167a2a7e03673e
9123ef5cf89cdb1ee2e6db82eb04ff97e874de65e8db71ddba2e66fde522ac06
914d089eacaecf6944ee46bec04ac11975c734f98ddbfc5750536c2adb23fce8
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
97992093717fde367507473ba78c48117095bdd5eac32fa9b9c8144aa768e4d2
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a0574a1e7e1a1090b17dbf386399714e05f4afe8f09e15a3e5dbd58b435eb1b
9a766ea12240078e9a4911493790c08cfa979a18619d180cd7f5a5f468fd79f3
9aa096d4b24f77c19979a291a82e6c663be50cfb4e1c82e1f38239bb2a9bcc3f
9c2516c4c455411caea0c64380b128f1b5f01afcee30dd17560d3da5c7699679
9d0ec01d98e8a4dc98af6301e8f95b634f63a9256cff1f71d592fe267fe1ec9c
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a049edfff9507adba029091a9ef66a3017d290cb2d81bb96af6ce86161882192
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a8582aac431acf6b5ffd6b4c7559bc25283185d60aae73ced430d65c03d9cf68
add35620970c221936e3b346c4028c5809edb5ec9404cdea9013a232d35dd464
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b156192d2524056dbc8af028d8a71dfb5a74346ccc5a0910ef98182005762a1b
b27ec02228acc9cf5522b6945e933546f012a07832adb3a9c34c1c9f83375b0f
b2b5fbf2eb05b4537ce81b6deb4831ff08f19018dc308bf2331d513707423d77
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b59c7df078ab88205474423edc7488e6bc5e8402e320dc7c30f7b2668cd016a3
b5b7440eb01b4db530c8b12650e39b4a3bfb1b49b7518c76b08bb6e8b8434a2f
b82ac83f90803852035864620bb3751cece78fa0ed64d3762393e1390d7ecc53
bbc369f5658cf64e87446a582af7676907cc004d5b5f1d70b3eed2f3f0a287fb
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c1fb1e346384232cb17d28002913baaafc0572382bae5aec82b0dca887f16f42
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c4851949856c9f67775f07033e8f7a8524ff9cb4b7cd852a3513706d71231533
c4f2d2cce0c47e7d116589c641a59f0ed79aa7db34f2e96257c7b4deadafcc2c
c6117374a1f09adbbff6601b20fc00b2264cf5fb2ef53ede0b320a337109026d
c6c7f3ffc0deb34af0f7c06c3610b4c6736993258ea2189658735f42dd251e51
c9cbcd0258163a14eebffcfe03781814ec64cc7478467cd11187fe6dc164f6a5
cb21d3506727d182f7b6e09cefb317a21b23d4d03b0afef8be5b0eea6afae9a0
cfb937d0974a61c6eebdab2e2650fcd2af0a216aa22c05c102571a4f40c19329
d15f85d0aa8fe49a0ba11e1bcd2c4ad286c0ab1bc0452dec8c2fec9a446a6caf
d31d8222427bde0244a26ac095720265d209e54e909b588e08671f3ee1485584
d5f896b27da4f5a9991dfb61cb3b1bcc4b04d2390e84487b7ca267c0688a7fc0
d8425275b77f7ce018416241e85960821de53a5ed71761a1ae397b1a5e855336
da42947db2dbc8b734af5c4824cc9d4b7dcf3c3e239ea97734c635124dbdd2f1
dc4c24faa867df9b33628fdb8aaf2d456e989750e4cda61f2418fee5d8b1c5cc
dd4382e79b727cdc888bdfef1199b74f5b651781e957c8550d5dd4f7e1e5aaa4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df94118151425d11320f6fb3958f309162e9556cf48af223f66421c6a3c8e456
e0f2cca7784269c376cea0c66fa206e809162035f87759bd0d44d171dda8053b
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48d592c7524a5929f4e2ace68096ab997230e8ad3133ca7c66b1f62d7fdb968
e91e4f767982a21e6240cf9f0631053ac63cce60efca9b4948facf64373619ec
eed43d65a3c9a25197aba3db157caef0a438440a5fcbe6d90b2c8eacbae7c6b1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19
f50ed9c3c87ec6211e8cefe2c82e05d2e89f75991ed6fdc0b9607449db7dd777
f6373b76ed57df66b01acba5ca7d75c28411620aa58cbe5f17273faf9c144641
f6c0fd70405f944e0d310f7ee9e16249c00f136832d2eef24207a29b92a42bac
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f79203a8deb812f3675f2b5918cc2d16128a9c59bcefbbfadd463f8109b14354
faeec4e3b4ba98ac2d70cdfd029889c56351af467d0785ee0e5af1f88ae12fa7

www.oferlo.com.ua Open in urlscan Pro 2a00:1298:801f::b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

155 Requests

95 %HTTPS

84 %IPv6

19 Domains

33 Subdomains

31 IPs

6 Countries

3731 kBTransfer

6330 kBSize

18 Cookies

13 Outgoing links

Page URL History

Redirected requests

155 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.oferlo.com.ua Open in urlscan Pro
2a00:1298:801f::b Public Scan

Screenshot
Live screenshot

Full Image

155
Requests

95 %
HTTPS

84 %
IPv6

19
Domains

33
Subdomains

31
IPs

6
Countries

3731 kB
Transfer

6330 kB
Size

18
Cookies

155 HTTP transactions
2 data transactions