gdevkievezhithorosho.com Open in urlscan Pro
2606:4700:3031::ac43:ae7f Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gdevkievezhithorosho.com/
Submission: On March 03 via manual (March 3rd 2021, 8:46:47 am UTC) from UA

Summary HTTP 214 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 29 IPs in 3 countries across 19 domains to perform 214 HTTP transactions. The main IP is 2606:4700:3031::ac43:ae7f, located in United States and belongs to CLOUDFLARENET, US. The main domain is gdevkievezhithorosho.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 9th 2020. Valid for: a year.

This is the only time gdevkievezhithorosho.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
50	2606:4700:303... 2606:4700:3031::ac43:ae7f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
12	2600:9000:215... 2600:9000:2156:6400:4:c961:9640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.224.194.151 13.224.194.151	16509 (AMAZON-02) (AMAZON-02)
3	35.244.154.20 35.244.154.20	15169 (GOOGLE) (GOOGLE)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:47c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
32	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	52.45.2.52 52.45.2.52	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:80f::2010	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1b::9b	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
13	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	3.216.182.123 3.216.182.123	14618 (AMAZON-AES) (AMAZON-AES)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
214	29

50 2606:4700:3031::ac43:ae7f (United States)

ASN13335 (CLOUDFLARENET, US)

gdevkievezhithorosho.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:9000:2156:6400:4:c961:9640:93a1 (United States)

ASN16509 (AMAZON-02, US)

a.mailmunch.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.151 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-151.fra2.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.154.20 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 20.154.244.35.bc.googleusercontent.com

orbit.lun.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
orbit4.lun.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:47c5 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.2.52 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-2-52.compute-1.amazonaws.com

forms.mailmunch.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adbab034a188dcbedd93518fbf5ba648.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2e74dbafde1ff62842abd3bfbbaca9c0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.216.182.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-182-123.compute-1.amazonaws.com

analytics.mailmunch.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	gdevkievezhithorosho.com gdevkievezhithorosho.com	4 MB
45	googlesyndication.com adbab034a188dcbedd93518fbf5ba648.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com 2e74dbafde1ff62842abd3bfbbaca9c0.safeframe.googlesyndication.com	726 KB
24	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	358 KB
22	gstatic.com fonts.gstatic.com	186 KB
14	mailmunch.co a.mailmunch.co forms.mailmunch.co analytics.mailmunch.co	149 KB
13	googleapis.com fonts.googleapis.com ajax.googleapis.com storage.googleapis.com	209 KB
11	googletagservices.com www.googletagservices.com	332 KB
6	google-analytics.com www.google-analytics.com	62 KB
5	facebook.net connect.facebook.net	186 KB
5	google.com www.google.com adservice.google.com	2 KB
4	facebook.com www.facebook.com	804 B
3	google.de www.google.de adservice.google.de	1 KB
3	lun.ua orbit.lun.ua orbit4.lun.ua	6 KB
2	google.nl adservice.google.nl	2 KB
2	cloudflare.com cdnjs.cloudflare.com	6 KB
2	googletagmanager.com www.googletagmanager.com	39 KB
1	addtoany.com static.addtoany.com	27 KB
1	googleadservices.com www.googleadservices.com	15 KB
1	amplitude.com cdn.amplitude.com	19 KB
214	19

	Domain	Requested by
50	gdevkievezhithorosho.com	gdevkievezhithorosho.com
22	tpc.googlesyndication.com	securepubads.g.doubleclick.net adbab034a188dcbedd93518fbf5ba648.safeframe.googlesyndication.com ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com tpc.googlesyndication.com 2e74dbafde1ff62842abd3bfbbaca9c0.safeframe.googlesyndication.com
22	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net orbit4.lun.ua adbab034a188dcbedd93518fbf5ba648.safeframe.googlesyndication.com ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com 2e74dbafde1ff62842abd3bfbbaca9c0.safeframe.googlesyndication.com
22	fonts.gstatic.com	fonts.googleapis.com
13	pagead2.googlesyndication.com	storage.googleapis.com gdevkievezhithorosho.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
12	a.mailmunch.co	gdevkievezhithorosho.com a.mailmunch.co ajax.googleapis.com
11	www.googletagservices.com	gdevkievezhithorosho.com securepubads.g.doubleclick.net adbab034a188dcbedd93518fbf5ba648.safeframe.googlesyndication.com ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com 2e74dbafde1ff62842abd3bfbbaca9c0.safeframe.googlesyndication.com
8	fonts.googleapis.com	gdevkievezhithorosho.com orbit4.lun.ua a.mailmunch.co
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com orbit4.lun.ua
5	ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	connect.facebook.net	orbit4.lun.ua connect.facebook.net
4	www.facebook.com
4	storage.googleapis.com	orbit4.lun.ua
3	2e74dbafde1ff62842abd3bfbbaca9c0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.nl	securepubads.g.doubleclick.net
2	cdnjs.cloudflare.com	orbit4.lun.ua
2	adbab034a188dcbedd93518fbf5ba648.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.google.de	gdevkievezhithorosho.com
2	www.google.com	gdevkievezhithorosho.com
2	orbit4.lun.ua	orbit.lun.ua adbab034a188dcbedd93518fbf5ba648.safeframe.googlesyndication.com
2	www.googletagmanager.com	gdevkievezhithorosho.com
1	analytics.mailmunch.co
1	stats.g.doubleclick.net	www.google-analytics.com
1	adservice.google.de	securepubads.g.doubleclick.net
1	forms.mailmunch.co	a.mailmunch.co
1	googleads.g.doubleclick.net	www.googleadservices.com
1	ajax.googleapis.com	a.mailmunch.co
1	static.addtoany.com	gdevkievezhithorosho.com
1	www.googleadservices.com	gdevkievezhithorosho.com
1	orbit.lun.ua	gdevkievezhithorosho.com
1	cdn.amplitude.com	gdevkievezhithorosho.com
214	32

This site contains links to these domains. Also see Links.

Domain
t.me
www.facebook.com
lun.ua

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-09` - `2021-07-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.mailmunch.co Amazon	`2021-02-25` - `2022-03-26`	a year	crt.sh
cdn.amplitude.com Amazon	`2020-11-18` - `2021-12-17`	a year	crt.sh
*.lun.ua GoGetSSL RSA DV CA	`2020-11-17` - `2021-12-18`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
forms.mailmunch.co R3	`2021-02-12` - `2021-05-13`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.google.nl GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
analytics.mailmunch.co R3	`2021-02-13` - `2021-05-14`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://gdevkievezhithorosho.com/
Frame ID: DB8BB51317CA99503AED5E7A0E3313DF
Requests: 97 HTTP requests in this frame

Frame: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1
Frame ID: 25A105608A0E7D6467672B34301BFE07
Requests: 35 HTTP requests in this frame

Frame: https://adbab034a188dcbedd93518fbf5ba648.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 82DCD9693D21F0ADB0A5DB83E0CEA8F9
Requests: 7 HTTP requests in this frame

Frame: https://orbit4.lun.ua/html/gdevkievezhithorosho.com_vertical.html?blockID=gdevkievezhithorosho_catalog
Frame ID: 2AF058B10121B993FC6AF9F4A7E15627
Requests: 32 HTTP requests in this frame

Frame: https://ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Frame ID: 7FBD6DD78A287DAECE46F8E66B150412
Requests: 5 HTTP requests in this frame

Frame: https://ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Frame ID: B634948396AD59BE05226495F074F0C8
Requests: 5 HTTP requests in this frame

Frame: https://ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Frame ID: 1F34A069646410748EE4A53333FAAAC0
Requests: 5 HTTP requests in this frame

Frame: https://ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Frame ID: E1B054DB106C57F22229EAD8480926F9
Requests: 5 HTTP requests in this frame

Frame: https://a.mailmunch.co/v2/themes/mailmunch/simple/popover/index.css
Frame ID: 4E5714A11D7C5B5D2FCA11232E8DB19E
Requests: 6 HTTP requests in this frame

Frame: https://a.mailmunch.co/v2/themes/mailmunch/simple/topbar/index.css
Frame ID: C266658E4C304D47EE94920F5128CE84
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 271BC9FFAE6AB89DFB8FB30D9AAC2A07
Requests: 2 HTTP requests in this frame

Frame: https://2e74dbafde1ff62842abd3bfbbaca9c0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Frame ID: AA367A27D71AE9C9AAA3E55A348AD8EB
Requests: 5 HTTP requests in this frame

Frame: https://2e74dbafde1ff62842abd3bfbbaca9c0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Frame ID: 2124AE494D112EE12951AA57AAC7C9D1
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 0FA91F41565B9440E8B2E980144F8FC2
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 59E200E2F3EA1A4CD023E12489819079
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /addtoany\.com\/menu\/page\.js/i

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /cdn\.amplitude\.com/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Page Statistics

214
Requests

100 %
HTTPS

79 %
IPv6

19
Domains

32
Subdomains

29
IPs

3
Countries

6658 kB
Transfer

10772 kB
Size

8
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://t.me/blog_gdevkievezhithorosho
Title: подпишись

Search URL Search Domain Scan URL

URL: https://www.facebook.com/GdeVKieveZhitHorosho/

Search URL Search Domain Scan URL

URL: https://lun.ua/
Title: ЛУН

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

214 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
gdevkievezhithorosho.com/ 145 KB
23 KB 316ms
290ms Document
text/html 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afa0075a2f03d88da557f2fa9da3f4f98ad48e2cc21fdb7a5807a7c30dee27e4

Request headers

:method: GET
:authority: gdevkievezhithorosho.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d6e03c8256e1cc2644cfca11eb2a34c271614761188; expires=Fri, 02-Apr-21 08:46:28 GMT; path=/; domain=.gdevkievezhithorosho.com; HttpOnly; SameSite=Lax
link: <https://gdevkievezhithorosho.com/wp-json/>; rel="https://api.w.org/"
cf-cache-status: DYNAMIC
cf-request-id: 0898dd739c00004aaf17092000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JwbonOSeS3LWDsIl%2FwHhvoqeh1zwKUXUlTEVIHl86pCojRj2kAe97Fwd0b64RDsSGvVl9gFEqlA6wylT6o1jBdiUzohEHKFQ1v0WHz1oDv7CtNKIpHrasb3aeBqhgn%2F8DXEXBW4%3D"}],"max_age":604800,"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 62a19832986f4aaf-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 56 KB
19 KB 75ms
49ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c79d2eaf7200d5fbcb0efe0e65caefac6f7c43962a97c626f8a180834fd04d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "800 / 114 of 1000 / last-modified: 1614726854"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19335
x-xss-protection: 0
expires: Wed, 03 Mar 2021 08:46:28 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 40ms
20ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-6260742-9

Requested by

Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f368e85b820970c69c0eb8426a3810f252ded0214063066154355089dc5546fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39429
x-xss-protection: 0
last-modified: Wed, 03 Mar 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 Mar 2021 08:46:28 GMT

GET
H2 200 style.min.css
gdevkievezhithorosho.com/wp-includes/css/dist/block-library/ 25 KB
4 KB 21ms
9ms Stylesheet
text/css 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gdevkievezhithorosho.com/wp-includes/css/dist/block-library/style.min.css?ver=5.0.1
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57a96eb1ccacae26e452d6e147fb29ca8ca20ce183970a3a4fb5febf8662fcc7

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 4138735
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0898dd74da00004aaf21171000000001
last-modified: Fri, 30 Nov 2018 09:59:52 GMT
server: cloudflare
etag: W/"5c010a18-63e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=b699AQnQgrsaeC%2BOr%2FLD%2FDJpWb%2Fu4UxpIdrzZ9f79eD%2BYdmy%2BwyFWJ1RyBD0y0nEMXD%2F0EIWD3DaaxXI7nZVVX9EmLkgFQKVzSMMlxyKYAlJvfKFXVprII%2FmcwnssSgy3QBXBrI%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 62a198349ba14aaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bbpve.css
gdevkievezhithorosho.com/wp-content/plugins/bbpve/assets/ 1 KB
793 B 19ms
7ms Stylesheet
text/css 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gdevkievezhithorosho.com/wp-content/plugins/bbpve/assets/bbpve.css?ver=5.0.1
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0030a9927b6f2471090a113ed4d3f0d76daa45244a182394ef0dd4e2d8c73b4c

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 6543624
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0898dd74da00004aaf0996a000000001
last-modified: Wed, 11 Sep 2019 20:44:04 GMT
server: cloudflare
etag: W/"5d795c94-53a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6Y5pIplafy%2B%2By2pnC%2FhSoMMCvVWF6n9NHT9Jss8uSTQQcCZ8XHJuBcL1aR32JU%2Bb8sx%2FzUnQanQ7FspNzWbWyrt%2BQCeAxZxFZJ%2Fa3IUI8UX0Pos0pJbIGgsG3BrbyxWzdQdmDSU%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 62a198349ba54aaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 all.min.css
gdevkievezhithorosho.com/wp-content/plugins/comments-like-dislike/css/fontawesome/css/ 46 KB
10 KB 26ms
12ms Stylesheet
text/css 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gdevkievezhithorosho.com/wp-content/plugins/comments-like-dislike/css/fontawesome/css/all.min.css?ver=1.0.7
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 6543624
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0898dd74df00004aaf12a0b000000001
last-modified: Sat, 11 Aug 2018 06:56:54 GMT
server: cloudflare
etag: W/"5b6e88b6-b752"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EQE%2FbJoW%2BF%2BQixCdl3IaYVw%2BHMSZy1yFRTSZuw%2Bw9r3s%2FjpyUk3BWDDcwSGbtW5T41Z4P%2Ftrx6MWdTKLmBjXHO6P5hUC6hENZkbVnNui2KmRQACIvRJh3pyVkoZYfWGm9%2BW7e7w%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 62a198349bb34aaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cld-frontend.css
gdevkievezhithorosho.com/wp-content/plugins/comments-like-dislike/css/ 1 KB
646 B 24ms
11ms Stylesheet
text/css 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gdevkievezhithorosho.com/wp-content/plugins/comments-like-dislike/css/cld-frontend.css?ver=1.0.7
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74b4573dc11fa61e16821b2b2b56fcd0c180e1bf018343b67f430011529232db

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 6543624
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0898dd74e000004aaf6880e000000001
last-modified: Tue, 06 Dec 2016 15:26:30 GMT
server: cloudflare
etag: W/"5846d8a6-58d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NZjP2TItVDA%2F0zDM96yJqcJOnYrY1RQy01v1OHX591F5qjTnNSqxR0LKbPEDB6IgbqHw5RbPDK8%2FSYkoksZ2DOaDFuIxwC3OhvaJmst8g61EA7akIQzwB44yosbDfbjmpV81YJw%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 62a198349bb44aaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
gdevkievezhithorosho.com/wp-content/plugins/wp-first-letter-avatar/css/ 510 B
553 B 23ms
10ms Stylesheet
text/css 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gdevkievezhithorosho.com/wp-content/plugins/wp-first-letter-avatar/css/style.css?ver=5.0.1
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1607e1814e3fc243984d2bafaf24e87c8e082299a7253baad6e8b6c1ee986fae

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2332136
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0898dd74e100004aaf37917000000001
last-modified: Tue, 01 Oct 2019 07:13:47 GMT
server: cloudflare
etag: W/"5d92fcab-1fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7Kqn1VSNRkrHjaU7YaJm6zbXjgH2Xz8i47oCIN0%2BsumjEOHvMao%2FmV5aYxVnDhraJv11zkr%2BQfpzNbg9tQ6SkfyGwnqm%2Br1VC6pgwQSFAq60CHIzeV2Sc65EnAjdHC%2FrX1H%2Bwng%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 62a198349bb54aaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
gdevkievezhithorosho.com/wp-content/themes/bard/ 46 KB
9 KB 34ms
21ms Stylesheet
text/css 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gdevkievezhithorosho.com/wp-content/themes/bard/style.css?ver=1.4.9.14
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7adb10a353296401e7d806e4bbdebd1559ee9cfe44a9daeb9d6a5bc6e2685a00

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 525723
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0898dd74e200004aaf52b2d000000001
last-modified: Thu, 24 Sep 2020 05:47:38 GMT
server: cloudflare
etag: W/"5f6c32fa-b72e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s072g2G%2BLCaOkjNhl203DEFDcOKF0uJPo09F%2B3DQYeQcKIj6EeuKk9ma58TRD9s5aENtWxD%2F2eTR8AA7%2B%2BMs0H5tbRhfuENn0%2F%2B6BP5%2BaBeEkJJyoSSNH4UUBAucdZ0g5b0hkVA%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 62a198349bb64aaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fontello.css
gdevkievezhithorosho.com/wp-content/themes/bard/assets/css/ 1 KB
784 B 35ms
21ms Stylesheet
text/css 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gdevkievezhithorosho.com/wp-content/themes/bard/assets/css/fontello.css?ver=5.0.1
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cac5766b62e3fca8117a35db8c11deac3717940420940a15149ece5cab3ddc1

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 525723
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0898dd74e600004aaf52b2e000000001
last-modified: Tue, 20 Aug 2019 09:30:55 GMT
server: cloudflare
etag: W/"5d5bbdcf-491"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=U6icktYrsGnseO0NyP5%2FMcSpyyft3Xw0AG1OZcSCZAc9XMCIo1kptzXTGXsl9b%2B8642zrsWPqXGXI73NaK0JcxeNPPq7uHxj08eQVVC8%2FpLKP6%2FIjK7gP9JoyE2eKCN2iJVNuEc%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 62a198349bb74aaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 slick.css
gdevkievezhithorosho.com/wp-content/themes/bard/assets/css/ 1 KB
786 B 25ms
12ms Stylesheet
text/css 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gdevkievezhithorosho.com/wp-content/themes/bard/assets/css/slick.css?ver=5.0.1
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 310b9376346ac475b5e9e87c808fc4e4e51b8f37fc1d8d4fc9ec0491e531ba97

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1083575
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0898dd74e200004aaf5d863000000001
last-modified: Tue, 20 Aug 2019 09:30:55 GMT
server: cloudflare
etag: W/"5d5bbdcf-537"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FHJWr4dDHupHpeEm2AiXI5cQOnzsuvpaFjqtoC54ftyu5jr9YPT2buMxR9SKu7V3ptKUjg08h%2B2E%2FD6PPMnmrx3JknXEeiY8nuLEtaNTBu6kS67e71KEFT3efMBX9fvDgGNsl7I%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 62a198349bb84aaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 perfect-scrollbar.css
gdevkievezhithorosho.com/wp-content/themes/bard/assets/css/ 1 KB
606 B 26ms
14ms Stylesheet
text/css 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gdevkievezhithorosho.com/wp-content/themes/bard/assets/css/perfect-scrollbar.css?ver=5.0.1
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 614426109acf753ce4f5ca75fc25aaf515bad4f6c0b4d3ecdefa1b8c4030d354

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1297516
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0898dd74e300004aaf0023b000000001
last-modified: Tue, 20 Aug 2019 09:30:55 GMT
server: cloudflare
etag: W/"5d5bbdcf-582"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EvIJ81zO6SmzWVLVlB0Gq%2BJzl%2Ba42NKFSsTM9yh4yHAtv4eCgiPCJj4hOO6gIq24N0GF5eM9QfgJPqpHgKXt6UkwdRsY39DjzmY%2FuJFc2MSMZj2NfAwugKNOAF2zm4yihIL69L4%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 62a198349bba4aaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 woocommerce.css
gdevkievezhithorosho.com/wp-content/themes/bard/assets/css/ 17 KB
3 KB 27ms
15ms Stylesheet
text/css 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gdevkievezhithorosho.com/wp-content/themes/bard/assets/css/woocommerce.css?ver=5.0.1
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb8dc082a8843a6d6d21eb2e6dbb58851eefef94f5e4c8eab6fecb7283e90eb3

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 6543624
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0898dd74e300004aaf230c2000000001
last-modified: Tue, 20 Aug 2019 09:30:55 GMT
server: cloudflare
etag: W/"5d5bbdcf-4423"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DelF0woov07ZsSfH1%2BFiMmk5I54r%2F2Vx9lZpT%2BZ4C7lZW4e7fetTawERGiphRUcgygRe9%2FeYxUdCTzabA9a9etugLD6%2FBFbNYU6OPKkBMNNn0Gkc73QN1%2B343I2HtQAkA0pQs6Y%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 62a198349bbb4aaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 responsive.css
gdevkievezhithorosho.com/wp-content/themes/bard/assets/css/ 10 KB
2 KB 22ms
10ms Stylesheet
text/css 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gdevkievezhithorosho.com/wp-content/themes/bard/assets/css/responsive.css?ver=5.0.1
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f1d1f32e431b304850ab88cd216572675f6921da6c323fbdecaf23d124737d1

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 6543416
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0898dd74e300004aaf38278000000001
last-modified: Tue, 05 May 2020 14:52:20 GMT
server: cloudflare
etag: W/"5eb17da4-2727"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=t0%2FDJTFVsmSzClKM7pj50W5Y%2BqNFKVPXVibXSW8f3sDf%2Fd7oUnIPFW8%2BadMuUP5f6RNJvF9n26Y%2FcrwNRdKNFD0MadIMK08%2FH6M%2F43dTcNG%2BB4j3iujg%2F5UL6SExg1yQZmeV4x0%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 62a198349bbc4aaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 16 KB
1000 B 29ms
17ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i&ver=1.0.0

Requested by

Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d577d10624e93e15c15f3c8244f28ca423a3161307f43b8d2f84efe5ad5b1eda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 03 Mar 2021 08:46:28 GMT
server: ESF
date: Wed, 03 Mar 2021 08:46:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Mar 2021 08:46:28 GMT

GET
H2 200 css
fonts.googleapis.com/ 12 KB
995 B 28ms
16ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400i%2C600%2C600i%2C700%2C700i&ver=1.0.0

Requested by

Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dc1c85eb3766b923eb1898f16d2f09541f2f94523929e58154ce17b0d71bded

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 03 Mar 2021 08:42:58 GMT
server: ESF
date: Wed, 03 Mar 2021 08:46:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Mar 2021 08:46:28 GMT

GET
H2 200 magnific-popup.css
gdevkievezhithorosho.com/wp-content/themes/bard/assets/magnific/ 7 KB
2 KB 22ms
12ms Stylesheet
text/css 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gdevkievezhithorosho.com/wp-content/themes/bard/assets/magnific/magnific-popup.css?ver=5.0.1
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 525723
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0898dd74e400004aaf3b83a000000001
last-modified: Tue, 20 Aug 2019 09:30:55 GMT
server: cloudflare
etag: W/"5d5bbdcf-1b27"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s4w%2FGldx4wpurL2F27VMCgKS6pDkZ2BGAvoTEVAVwaXe%2Bz6QRycLMHBNn50UHKu9FLXKP0770Cyi7BPVAFW4Wyz1t%2Bf1tLMqS%2FtlU%2BPR6%2BbzFIJxoZKL7MXt4wh0dqchcvS%2B22I%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 62a19834abc04aaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 front.css
gdevkievezhithorosho.com/wp-content/plugins/gd-bbpress-attachments/css/ 4 KB
911 B 24ms
15ms Stylesheet
text/css 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gdevkievezhithorosho.com/wp-content/plugins/gd-bbpress-attachments/css/front.css?ver=3.2_b2320_free
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c8c8d61d0a7f77f59b95383464a57908e0284938736be75c0e6c02fbeff5b17

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 521273
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0898dd74e600004aaf3b83b000000001
last-modified: Thu, 26 Jul 2018 12:51:08 GMT
server: cloudflare
etag: W/"5b59c3bc-fac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lKU0k7vdIwo%2B4uDIgpfsNXUQRsLf5X6R2JIneclZ6WaYL7JLwYCdtSX%2F09AlT8na3c9WFCAtBBRb01Qiw8A%2BnhHU7QBD6GqVqj2dGeCf%2BNEb8oKfoe86WhnCUlwBHfURiXVcKbE%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 62a19834abc14aaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 addtoany.min.css
gdevkievezhithorosho.com/wp-content/plugins/add-to-any/ 1 KB
696 B 22ms
13ms Stylesheet
text/css 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gdevkievezhithorosho.com/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.15
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a94558535ca72995a47883885d6fdfdee113dcbb8e937e88196f25cb181c72b2

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2555334
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0898dd74e400004aaf33816000000001
last-modified: Tue, 18 Dec 2018 10:02:41 GMT
server: cloudflare
etag: W/"5c18c5c1-5b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ErXogzvF%2Bs14th4JCptRH5YX3CtDs616z2q4juZv5rkEuaZ27hUW3GuWFsvHPnuh9cwcMDo2P%2BXDANlf4vp0QPiigh0hQahPwf%2BhmeaOHeY9bN1u55Vbg8hDf7PZ5dd4d9Damjg%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 62a19834abc24aaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 avh-ec.widget.css
gdevkievezhithorosho.com/wp-content/plugins/extended-categories-widget/4.2/css/ 178 B
421 B 19ms
11ms Stylesheet
text/css 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gdevkievezhithorosho.com/wp-content/plugins/extended-categories-widget/4.2/css/avh-ec.widget.css?ver=3.10.0-dev.1
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4378ab2698bc95c0378bc11bcf5daf6249b4db5001bc46130e64dda1a8625be0

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 8099824
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0898dd74e500004aaf0f198000000001
last-modified: Tue, 11 Dec 2018 09:20:46 GMT
server: cloudflare
etag: W/"5c0f816e-b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NSWAMAstmxqjjL1SFqDfCLQPadSpXK45rdkW5QZvV1HVnF0TlbqUlQvNDhKHAbxQfjADXUGnW0x3xNMqgzFRAzGpoqRTh3ospfJJMDWENRLTzb0dMqKWnmpPWMOrZpB0r9iixP0%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 62a19834abc34aaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.js Show response
gdevkievezhithorosho.com/wp-includes/js/jquery/ 95 KB
32 KB 28ms
20ms Script
application/javascript 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gdevkievezhithorosho.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 512036
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0898dd74e500004aaffc80b000000001
last-modified: Mon, 23 May 2016 09:00:29 GMT
server: cloudflare
etag: W/"5742c6ad-17ba0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SGZZElko4kZj%2Fc3KbF2RubtuWRYCcrBF1DaPaZpOuw6C9lWSbD0aj2X57G9FJZaFKh1R3wBFYkyZMWbDeWff5Tr8o%2BT25ZoiEduWexu0QTm%2FZmk4h63XlHzI7iXZTv%2B%2FlNAAMgQ%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 62a19834abc44aaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
gdevkievezhithorosho.com/wp-includes/js/jquery/ 10 KB
4 KB 20ms
13ms Script
application/javascript 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gdevkievezhithorosho.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1297514
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0898dd74e500004aaf170ad000000001
last-modified: Fri, 20 May 2016 06:11:28 GMT
server: cloudflare
etag: W/"573eaa90-2748"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ttr%2BMx3biEkuvJo2x1fe5ZCOtDZESu7BS%2BfByrRlcumf1G7E9uV6ny1dgtftglZrhn1I4da1kyLi3bEJC0nDqI0HoRN3AY6UNZdBstYl8g8o3yhHSwJwDbPRbpukq7MrwYP4apE%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 62a19834abc54aaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 addtoany.min.js Show response
gdevkievezhithorosho.com/wp-content/plugins/add-to-any/ 129 B
395 B 22ms
16ms Script
application/javascript 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gdevkievezhithorosho.com/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 8095602
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0898dd74e600004aaf2b9b4000000001
last-modified: Tue, 18 Dec 2018 10:02:41 GMT
server: cloudflare
etag: W/"5c18c5c1-81"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SNfFj3KF2yYhYwiKvOXcXwBA4psAWOC91bZ7wWfeU1g4MGgp%2ByV2mwDXRy371w5%2BnkYnpCLG0HiJjm1Wte7Ob6ZU7Cw3whh%2Fcsxzqqq%2FrJ4LTFLnR9YS3DN%2FvCs2x5AwIxRJ05g%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 62a19834abc94aaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bbpve.js Show response
gdevkievezhithorosho.com/wp-content/plugins/bbpve/assets/ 2 KB
812 B 23ms
18ms Script
application/javascript 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gdevkievezhithorosho.com/wp-content/plugins/bbpve/assets/bbpve.js?ver=5.0.1
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3dec2f1d8df7bd3d188f7be3ee33d5b9865586e3cf7200d73757454ca882e39

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1297514
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0898dd74e600004aaf2e3d2000000001
last-modified: Fri, 08 Nov 2019 05:49:49 GMT
server: cloudflare
etag: W/"5dc501fd-61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zPvthY1YDyLd%2Faco5Z8%2FJLk1Poha8iibSu74xNv52x5xH1ZQswDEEA2xNeWmCouhsVm7qGOLZJ9N7r6h72RbkE2H%2BjmzFkomCmpDnL4jjaHf9D%2BUc3R8YeH0gr9OgTwxGKHC%2BLA%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 62a19834abca4aaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cld-frontend.js Show response
gdevkievezhithorosho.com/wp-content/plugins/comments-like-dislike/js/ 3 KB
1 KB 20ms
15ms Script
application/javascript 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gdevkievezhithorosho.com/wp-content/plugins/comments-like-dislike/js/cld-frontend.js?ver=1.0.7
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fff4b217c0b525033b805d84863ae150342b884a6de821bd2d05e70dffa20139

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 8095602
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0898dd74e700004aaf6a171000000001
last-modified: Tue, 22 Jan 2019 16:42:32 GMT
server: cloudflare
etag: W/"5c4747f8-d67"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HGDIum3U3ntfYiEldAnCtBYqHcAsoxEvn%2FuwRwem7oWgyo1E5c%2BlrDuPOV0GMflCDshrjqU7%2Bh6f%2BvYsfwX95d4Udw55CWpveDtNs3EAzML7PmfCZiMtXG0AN24n7aqmafcLkyY%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 62a19834abcb4aaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 site.js Show response
a.mailmunch.co/app/v1/ 24 KB
8 KB 36ms
10ms Script
text/javascript 2600:9000:2156:6400:4:c961:9640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mailmunch.co/app/v1/site.js
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6400:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d325c0f0224c5715012d6ec9f9272eae60b4636662496b65e7ca4e1490c2f90b

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 10:56:28 GMT
content-encoding: gzip
age: 165001
x-cache: Hit from cloudfront
content-length: 8161
access-control-allow-origin: *
last-modified: Sat, 27 Feb 2021 13:42:22 GMT
server: AmazonS3
etag: "4ddc46f3f2b77538cdfbfbabeb455748"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, POST, PUT, DELETE
content-type: text/javascript
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: max-age=172800
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: poWUKeYUGymmsb4QS0-Lcp6X-iqiJR3cTMe3fo4bHyFjGhIhvM6xFA==

GET
H2 200 menu.svg
gdevkievezhithorosho.com/wp-content/themes/bard/assets/svg/ 200 B
704 B 32ms
27ms Image
image/svg+xml 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gdevkievezhithorosho.com/wp-content/themes/bard/assets/svg/menu.svg
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 793dc4cce41769672279c2e51e623eeb5f409b55f11ebd2e052067e3784017f1

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 5831
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0898dd752b00004aaf4eb09000000001
last-modified: Fri, 20 Mar 2020 13:47:38 GMT
server: cloudflare
etag: W/"5e74c97a-c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XejlfEJx7MRG8AWa9PdcRV%2BZLQgsSD2yUEoWN5%2BHWrImTNFBrCPYS1MusErQR%2FIm%2BBcuWksVIRjlWn6qSx%2BXCAoO2URks1wGxE%2Bfgtu5w%2BCHNCb2xjZzfi7WpuDRuLqM%2BL26BDI%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 62a198351c7f4aaf-FRA

GET
H2 200 avatar.png
gdevkievezhithorosho.com/wp-content/themes/bard/assets/images/ 22 KB
22 KB 23ms
18ms Image
image/png 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gdevkievezhithorosho.com/wp-content/themes/bard/assets/images/avatar.png
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d11f8cd3471098dcde8753cf1daa6fa8f3535ede5d1a272f790d4f2b584ccb70

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2568825
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22506
cf-request-id: 0898dd752b00004aaf61aa0000000001
last-modified: Mon, 30 Mar 2020 15:55:26 GMT
server: cloudflare
etag: "5e82166e-57ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8vVGNawy9oLC9T8YZI5Fv7eEi8evYYjJa30J5gOrahYCj2Py27LB%2B2vIhhuhNqsykK649tQOh4WEIE4w0VXYtkqq4%2F%2F0TDHuNdoTR41g4hOEuT7cc43wIKcLP82VHL%2FclwOJg1k%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 62a198351c804aaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 search.svg
gdevkievezhithorosho.com/wp-content/themes/bard/assets/svg/ 389 B
592 B 24ms
18ms Image
image/svg+xml 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gdevkievezhithorosho.com/wp-content/themes/bard/assets/svg/search.svg
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 468674a37da8e2edd18a04812d8ece47786a708341910a1ff221897b8c6b580a

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 5831
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0898dd752c00004aaf3d282000000001
last-modified: Fri, 20 Mar 2020 13:47:42 GMT
server: cloudflare
etag: W/"5e74c97e-185"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qFcAsivunUvHZBOJ%2BM55XowzUHFKEe2nzmUBsFr962vmKBhR8puT9IT0pYfP38WJ58%2FqI7Br8YvpWqUJIHdnNtk9hytCOcqf%2BTaNte4ut5eneXIYBgh6lIHV80ndDsnXYybUoLw%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 62a198351c824aaf-FRA

GET
H3-Q050 404 gtm.js
www.googletagmanager.com/ 0
0 47ms
29ms Script
text/html 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.googletagmanager.com/gtm.js?id=GTM-TB2L3HR
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 amplitude-5.8.0-min.gz.js Show response
cdn.amplitude.com/libs/ 57 KB
19 KB 84ms
29ms Script
application/javascript 13.224.194.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-5.8.0-min.gz.js
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-151.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 54234dbc5f94f0c00e43abfab5b835783474b7259ab5ba5ba4024e0ef212e181

Request headers

Origin: https://gdevkievezhithorosho.com
Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 24 Nov 2020 06:51:32 GMT
content-encoding: gzip
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 8560497
x-cache: Hit from cloudfront
content-length: 18497
access-control-allow-origin: *
last-modified: Fri, 06 Dec 2019 21:57:52 GMT
server: AmazonS3
etag: "208999c2bfaa80353f3f37c256fd3a3d"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: JayGW0K7hcKEk8hUb5nZ1QRH3tobN7O9
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: WFwbOe8JVU-ca2DlF2Ok1a57hNH1RkvUIAUmY9IVoXUuWohXtyUS4A==

GET
H2 200 wp-emoji-release.min.js Show response
gdevkievezhithorosho.com/wp-includes/js/ 12 KB
4 KB 24ms
19ms Script
application/javascript 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gdevkievezhithorosho.com/wp-includes/js/wp-emoji-release.min.js?ver=5.0.1
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1297513
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0898dd752c00004aaf5c003000000001
last-modified: Wed, 10 Oct 2018 04:11:25 GMT
server: cloudflare
etag: W/"5bbd7bed-2efa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MMmKzkvC858AQTn6DbcHKcVhlmPm9KZhs5MtQx42wvBimIJWb4DiQsu4b6vXuBGqGJ3sFIqdx9tcWdCOe7674b093OeOw4IwVK%2BvjCPZ4NNU20%2FYzecGG4yicYCgQfK9pGHUtMY%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 62a198351c844aaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 %D0%B2%D0%B8%D0%B7-2.png
gdevkievezhithorosho.com/wp-content/uploads/2021/02/ 1 MB
1 MB 31ms
26ms Image
image/png 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gdevkievezhithorosho.com/wp-content/uploads/2021/02/%D0%B2%D0%B8%D0%B7-2.png
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d686e3d9180b90565957bbffd8839eccd18134f42362e775901e1adba762d899

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 227703
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1451544
cf-request-id: 0898dd752c00004aaff2bcf000000001
last-modified: Fri, 26 Feb 2021 07:14:50 GMT
server: cloudflare
etag: "60389fea-162618"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=R10BkaWfEX5pJqgWoxfD%2FKJlA2hNQe6MUKC%2FOZLPGM5EgGNqwEYMObr4u2ewgrZhUbI438dPVAo0vE8q5H5s30WV83ccCL8S0bQdtEiFB6tR36akUZGTZCOeAR4rP7k9LkZsfyg%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 62a198351c854aaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 af276720.js Show response
orbit.lun.ua/js/ 2 KB
1 KB 81ms
38ms Script
application/javascript 35.244.154.20
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://orbit.lun.ua/js/af276720.js
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.154.20 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 20.154.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f6f3a313b6bbf670e3c0b259e193c8229a181560f07ed7f578534f8a49ffb34a

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ABg5-UwbLFM2oKYHXGDzq6z-V5hHSB_3SB4rFjNiTrBBXnUQyH17NTAJF6YAtITf630T0JXoIP84W5vOP6kLgigh8BXlnSYbqQ
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 962
last-modified: Thu, 28 May 2020 08:27:53 GMT
server: UploadServer
etag: "c9e6afc0b78e8c5e1941dcc3fb0df770"
x-goog-hash: crc32c=2FwlVQ==, md5=yeavwLeOjF4ZQdzD+w33cA==
x-goog-generation: 1590654473981058
cache-control: public, no-transform, max-age=3600
x-goog-stored-content-length: 962
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
expires: Wed, 03 Mar 2021 09:46:28 GMT

GET
H2 200 %D0%B2%D0%B8%D0%B7-4-500x380.jpg
gdevkievezhithorosho.com/wp-content/uploads/2021/02/ 62 KB
62 KB 24ms
19ms Image
image/jpeg 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gdevkievezhithorosho.com/wp-content/uploads/2021/02/%D0%B2%D0%B8%D0%B7-4-500x380.jpg
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 979d1f4b19d6148f177abec8cca01dadd695fb116969ed4fcc91ac4b4df02e4d

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 315953
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63235
cf-request-id: 0898dd752d00004aaf0c2e8000000001
last-modified: Wed, 24 Feb 2021 07:55:13 GMT
server: cloudflare
etag: "60360661-f703"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uFKAeuUXrW5QLA7VTd2upvTKLXnQZ8gomxH0rqBCMeCog2TgQfRleHbmlA3N48n56nO0xvyzE%2FwTOJvXwpkws2KxBne3qx7v3SFrwVEqIhJPNOpER2cvnuqEHv8fZUQs8nH%2BSak%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 62a198351c864aaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 %D0%B2%D0%B8%D0%B7-1-500x380.png
gdevkievezhithorosho.com/wp-content/uploads/2021/02/ 367 KB
368 KB 33ms
28ms Image
image/png 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gdevkievezhithorosho.com/wp-content/uploads/2021/02/%D0%B2%D0%B8%D0%B7-1-500x380.png
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b462a1bf5bdfe4b88349d9fb47958184ea31f630461b00dcafbfbc48a203a6c

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 227703
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 375728
cf-request-id: 0898dd752d00004aaf5e9aa000000001
last-modified: Mon, 22 Feb 2021 09:04:02 GMT
server: cloudflare
etag: "60337382-5bbb0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jZoXFSnHDB%2FPuUg4B9JfrgQ7QcOt9%2FSKXl0tihGDtzK1N5cFTWG2LDm9%2Fmvntel81LQ%2BqGFKmh3W3SRQb9act4P6Cl7ZgtMLlACGqpgg0jCQCzZiNWP2iIVPWS0ZbvEhABPUAdM%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 62a198351c874aaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 %D0%B2%D0%B8%D0%B7-3-500x380.jpg
gdevkievezhithorosho.com/wp-content/uploads/2021/02/ 46 KB
46 KB 34ms
30ms Image
image/jpeg 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gdevkievezhithorosho.com/wp-content/uploads/2021/02/%D0%B2%D0%B8%D0%B7-3-500x380.jpg
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d0b5b083920fe516abf9c495fc2ae8352fe9fb0d97e7d10be59731ce7fa3c1d

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 227703
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46631
cf-request-id: 0898dd752f00004aaf4eb0b000000001
last-modified: Mon, 15 Feb 2021 12:18:29 GMT
server: cloudflare
etag: "602a6695-b627"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zZ0G3t1NQUV%2FTy5y0GquM3MffI%2BlHqYetXqEAfx0H1IWj%2BmaH7VlxcYvl6P%2BQT5DYeKPbgD8Yl4vjlHmJZdiln8rsyNnT76FXjkdwXWhEQ7jbmqqFUNKliiyGIx5cXcff8Uboto%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 62a198351c884aaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vis-1-500x380.png
gdevkievezhithorosho.com/wp-content/uploads/2021/02/ 218 KB
219 KB 31ms
27ms Image
image/png 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gdevkievezhithorosho.com/wp-content/uploads/2021/02/vis-1-500x380.png
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 961c81effa0bb489d5895d58941f8405208c55045a1329599cba16bb5a90958c

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1342376
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 223608
cf-request-id: 0898dd752e00004aaf68813000000001
last-modified: Thu, 11 Feb 2021 15:57:56 GMT
server: cloudflare
etag: "60255404-36978"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bnQFjXoQlkRPDSH6gufOxiOaxlUl443m0UccFR7lhFz21WwzNLmldE%2FwnS5nVgbkdyB%2B%2BD92MSqLIZBxlv85FopMKPgBfjsBZwyVjA8acX5LLalF%2Fms7nnp6MoRYrhUYkHJF1YE%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 62a198351c8b4aaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 %D0%B2%D0%B8%D0%B7-1-1-500x380.jpg
gdevkievezhithorosho.com/wp-content/uploads/2021/02/ 52 KB
53 KB 26ms
22ms Image
image/jpeg 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gdevkievezhithorosho.com/wp-content/uploads/2021/02/%D0%B2%D0%B8%D0%B7-1-1-500x380.jpg
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdf566c3eb722b3ba4ab3ba6caa4469cf49f55938e13fb835c3f496974cac4f5

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 227703
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53546
cf-request-id: 0898dd752e00004aaf3791c000000001
last-modified: Wed, 10 Feb 2021 10:09:48 GMT
server: cloudflare
etag: "6023b0ec-d12a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Pq9UeG2wD0whyOlXnNZn%2FUCs7lswAO9xro9tj%2Fx5mGZqhavz36B4izXHNOXaZWt3GPbgPxN%2FAsMH73gB5AKtx5HbRgt2iGzBgm0TYphrClUw6mUq3mSWnMp9zwTnKELztRjiZkY%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 62a198351c8c4aaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 %D0%B2%D0%B8%D0%B7-1-500x380.jpg
gdevkievezhithorosho.com/wp-content/uploads/2021/02/ 57 KB
57 KB 39ms
35ms Image
image/jpeg 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gdevkievezhithorosho.com/wp-content/uploads/2021/02/%D0%B2%D0%B8%D0%B7-1-500x380.jpg
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eeae6d5aa43cd6257cbf78e01bd30a260d86093be1f8c55008d458851cabc360

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 227703
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 58256
cf-request-id: 0898dd753300004aaf4a336000000001
last-modified: Fri, 05 Feb 2021 07:32:36 GMT
server: cloudflare
etag: "601cf494-e390"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DzZqGWoEsFy16zB6ani21bv8NMEbngZXfnrdWa3%2FhD34IJc2BhgokmfcZ7p8zmeH0uviLZAH1qPMSKBVIci03nLU9NsQnbrwb3gcRnZ37wrxcMSVXj9Yni5FSKE7rLDcHTwczM8%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 62a198351c8e4aaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 picturt.001-500x380.jpeg
gdevkievezhithorosho.com/wp-content/uploads/2021/02/ 39 KB
40 KB 29ms
25ms Image
image/jpeg 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gdevkievezhithorosho.com/wp-content/uploads/2021/02/picturt.001-500x380.jpeg
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb9051852304c116a21a3c822cec4e53fee6710c605c3c3c7e77859189ad1a85

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 5831
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40134
cf-request-id: 0898dd752f00004aaf12a12000000001
last-modified: Thu, 04 Feb 2021 13:12:06 GMT
server: cloudflare
etag: "601bf2a6-9cc6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=D7i9nuHAqR3WrIrLe6BpIsbmmdIPrj8odIlipB%2FkIA4Q3ynkt0cw9POpAQCSfoL%2BOZNHj4rBjYDYoWOtHAuZWC4oWGKAd3NwBBNfkfioAuz6lX%2B9Ot1MTmLp3NtktVxoJPsnw34%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 62a198351c904aaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 %D0%B2%D0%B8%D0%B7-500x380.png
gdevkievezhithorosho.com/wp-content/uploads/2021/02/ 258 KB
259 KB 32ms
28ms Image
image/png 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gdevkievezhithorosho.com/wp-content/uploads/2021/02/%D0%B2%D0%B8%D0%B7-500x380.png
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 549bd196fab5c9e13264f1b88b59da095296313a964da2c80d4dfa958668f361

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 5831
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 264389
cf-request-id: 0898dd753000004aaf560ba000000001
last-modified: Mon, 01 Feb 2021 15:06:23 GMT
server: cloudflare
etag: "601818ef-408c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=x9WciQvwIIcV6q2ghT7b5UVoa6%2FjXpmqnfiqlUTlmOFiG9%2BUUbOKge0QTVI2RcGVN3TNNDO71J8ZUW%2BvHURAbagVmTUomWJroDmUBiDWRruwsLN7Xx0VOKSq4SQ%2FLMA3qHMhBOw%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 62a198351c934aaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 %D0%B2%D0%B8%D0%B7-4-500x380.png
gdevkievezhithorosho.com/wp-content/uploads/2021/01/ 339 KB
339 KB 34ms
30ms Image
image/png 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gdevkievezhithorosho.com/wp-content/uploads/2021/01/%D0%B2%D0%B8%D0%B7-4-500x380.png
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d9d3cc6e13c459089408a3db80fc680820af8606664bcfb056ca430a9c287c1

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 227703
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 346702
cf-request-id: 0898dd753000004aaf5d869000000001
last-modified: Fri, 29 Jan 2021 10:43:04 GMT
server: cloudflare
etag: "6013e6b8-54a4e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=O1ORPzt8yXNxfFUaN7NPcfkLsQ6yx1EtX3p87UeIO5aA0X1SiE8R8eWBvc1CRpRB%2FDSdFzTDPZCsQdEV%2FYWc8xqDAwQNqBf42PGlzCrpOn%2BtMqi6OykrwrnF9Tu9Hq%2FP%2FVbnq2o%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 62a198351c964aaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 %D0%B2%D0%B8%D0%B7-2-500x380.png
gdevkievezhithorosho.com/wp-content/uploads/2021/01/ 204 KB
205 KB 33ms
29ms Image
image/png 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gdevkievezhithorosho.com/wp-content/uploads/2021/01/%D0%B2%D0%B8%D0%B7-2-500x380.png
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77e93e7cdb0a5e67a37890f2d6741c96c0b0186806b44fe02d39d95dd8b36604

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 227703
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 208950
cf-request-id: 0898dd753000004aaf28a2a000000001
last-modified: Wed, 27 Jan 2021 12:11:42 GMT
server: cloudflare
etag: "6011587e-33036"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sbK%2FYKJxi4bgbiRvHZNEq8OdGnw5JNntGmrUKevySGUQNeMTd16mCp2RJXfOMrUgjcgmSPn31z7wdffJ%2BvTGO3NOlIaYKMj0eL63b%2BHvJlABITzixYIJEYMKrH8ZIPsy4fM2ZLQ%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 62a198351c974aaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ZhK-Sinergija-2-vid.png
gdevkievezhithorosho.com/wp-content/uploads/2018/07/ 572 KB
573 KB 74ms
71ms Image
image/png 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gdevkievezhithorosho.com/wp-content/uploads/2018/07/ZhK-Sinergija-2-vid.png
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5388b284057ccfdc4990a039dd009d3e46853058d005bab637f139c459780eb2

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 585580
cf-request-id: 0898dd753300004aaf3381c000000001
last-modified: Fri, 15 Feb 2019 15:53:35 GMT
server: cloudflare
etag: "5c66e07f-8ef6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Fq5mJKLQLZN2ynaAHOANBWTTZGUhHnbvjUSQOCWOkzb9kHE4%2BpyJCfpXwOPu61nXfQWMN2BfnA7gAWlZsGoX1LtIY7714pJK64mABbvbjbVey%2F7Ao2BQVBcrqg44O14wOjKK5fI%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 62a198351c994aaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ZhK-Jubilejnyj-foto-1-1024x576.jpg
gdevkievezhithorosho.com/wp-content/uploads/2013/03/ 114 KB
114 KB 75ms
71ms Image
image/jpeg 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gdevkievezhithorosho.com/wp-content/uploads/2013/03/ZhK-Jubilejnyj-foto-1-1024x576.jpg
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d698abda50c923b8491cb24b3af6de33b5a65e182bcfbbfda4037b9bdd7d4700

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 116744
cf-request-id: 0898dd753100004aaf52b34000000001
last-modified: Fri, 10 Mar 2017 12:58:52 GMT
server: cloudflare
etag: "58c2a30c-1c808"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KP3lV%2FYAovDuAPZRZjTYzOUa9oi4U%2B%2FN%2BcaI2Q2liftn4zuf57a5U8lZaLAGfGK1zNdnssK1qpkcrZN2FjfMgDfZSXqP9aShSwTF%2BzzdbH7g8jnBvCrPmtOBpKeEI%2Fcm5nEEMyA%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 62a198351c9d4aaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ZhK-Solo-House-vizualizacija.jpg
gdevkievezhithorosho.com/wp-content/uploads/2017/03/ 99 KB
100 KB 73ms
70ms Image
image/jpeg 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gdevkievezhithorosho.com/wp-content/uploads/2017/03/ZhK-Solo-House-vizualizacija.jpg
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31ccdcebe592f1806d31ac17a6d08bf77439ab0a07550ad97d47135f50bce13e

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 101473
cf-request-id: 0898dd753100004aaf14844000000001
last-modified: Fri, 15 Feb 2019 15:52:58 GMT
server: cloudflare
etag: "5c66e05a-18c61"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EFZGayR%2BuPYIdhvu9QeO7k2AQbzjiJrQJ5Awz0%2FUhvPnlM2viExkL77kc4nrZBzo1x2k1mCylyWSgVFD2LyV%2BrG82NKNyVMhPw7JCZY%2BgwA7D7lKdtqEFkRsBOcRMJ4kj%2BBQZGc%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 62a198351c9f4aaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tel.svg
gdevkievezhithorosho.com/wp-content/themes/bard/assets/svg/ 828 B
791 B 31ms
28ms Image
image/svg+xml 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gdevkievezhithorosho.com/wp-content/themes/bard/assets/svg/tel.svg
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cde9f5ea84d2d3ecdde56b43acc5aeaa570046aca585a09eaa2639a798ab7f0

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 5831
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0898dd753200004aaf2b9b9000000001
last-modified: Thu, 03 Oct 2019 08:37:44 GMT
server: cloudflare
etag: W/"5d95b358-33c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=E67WnrMDIyQSjYJe0CwE5F54kTIiE7daHmaDCJnzEiR60Noook%2FamIkP8vwdd1jWUZFO6oRzXzP2uRZ%2Bw7oqEiQjXsy%2F%2F017JOmVpIsAWiVM4mle4TD7cLVuLB3cQxd%2FbeWKDAA%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 62a198351ca14aaf-FRA

GET
H2 200 fb.svg
gdevkievezhithorosho.com/wp-content/themes/bard/assets/svg/ 541 B
629 B 40ms
36ms Image
image/svg+xml 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gdevkievezhithorosho.com/wp-content/themes/bard/assets/svg/fb.svg
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af5f2a19d6f247fd13ad4d1a3b0fbd92f8e025d2a029d38c83bcd6a577bd88a3

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 5831
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0898dd753800004aaff6370000000001
last-modified: Thu, 03 Oct 2019 08:37:42 GMT
server: cloudflare
etag: W/"5d95b356-21d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ol7uCBNa3f8rdzbA14T6hdXfjxWMxJpb%2Ba5Sbxww50apMZu8quCY3K1LH2w7SEUE2s0024pgnnZX%2FdXCFJc1oInGs8RwEFZt0KFQCnm1EW2sDeT5cwN2MRPCYdgFCiS1ZPUyj9o%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 62a198351ca54aaf-FRA

GET
H2 200 mail.svg
gdevkievezhithorosho.com/wp-content/themes/bard/assets/svg/ 737 B
919 B 32ms
29ms Image
image/svg+xml 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gdevkievezhithorosho.com/wp-content/themes/bard/assets/svg/mail.svg
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee1978a8b3e66e8693a1543db8e8aff44246579c4d72ca104a01e2973ebbe0a6

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 5831
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0898dd753300004aaf09972000000001
last-modified: Thu, 24 Oct 2019 14:50:46 GMT
server: cloudflare
etag: W/"5db1ba46-2e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ltWJ1JF5YYeHNjdNYHlYWfDqRXpO2vhFaa91iMf%2B3DpW69LyVH2kcW8UHBmTO2u%2FD6MUVjI5yuoO%2F6SNEMMGVDDdWpWI47EnVWd%2FGMPokSJOc1FiwpD1Ft8dBRg7uClHrpHTF5M%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 62a198351ca74aaf-FRA

GET
H2 200 custom-plugins.js Show response
gdevkievezhithorosho.com/wp-content/themes/bard/assets/js/ 868 KB
270 KB 47ms
41ms Script
application/javascript 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gdevkievezhithorosho.com/wp-content/themes/bard/assets/js/custom-plugins.js?ver=5.0.1
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccc34cb6c032c3469fa54ee8bde858017289afa3bc637ddae2cd6eea5a0ff211

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 4138733
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0898dd752800004aaf2e3d6000000001
last-modified: Wed, 10 Apr 2019 09:39:35 GMT
server: cloudflare
etag: W/"5cadb9d7-d9179"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RQ8a8yhWmUnH9UlptDcy39VyTI6l4xEehaUAV4avasD0QDTk5E%2Bq42u%2F6inFlCJybPJbLOuaOv0jNOND58Gw%2Fi8OrrgOKLfqCmxK15Ru%2Bd4VNNOaOHiSusXrU5e3zxSyguCJw6U%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 62a198350c764aaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 custom-scripts.js Show response
gdevkievezhithorosho.com/wp-content/themes/bard/assets/js/ 5 KB
2 KB 34ms
28ms Script
application/javascript 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gdevkievezhithorosho.com/wp-content/themes/bard/assets/js/custom-scripts.js?ver=1.3
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35a2ca4e91b06fa2df97cb942afc11d6f9f5441ecb31bc4a1c4759a1fbee6bf3

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 8095602
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0898dd752900004aaf1a150000000001
last-modified: Mon, 21 Sep 2020 04:16:34 GMT
server: cloudflare
etag: W/"5f682922-15a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eZWM4cdQgnTbxZ4vGePH%2Ft3rgnTFXJn4HK2Yeau17J9YQ71D4zq4B0cdKKisBREi%2BUmrdVpOvHgQXD88BvJ1tuSu%2Bh8PiRQlkb8fOTfj%2FepXDboOx8uHSAWs0AMlhELrt3Apj70%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 62a198350c784aaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 magnific.js Show response
gdevkievezhithorosho.com/wp-content/themes/bard/assets/magnific/ 38 KB
11 KB 31ms
25ms Script
application/javascript 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gdevkievezhithorosho.com/wp-content/themes/bard/assets/magnific/magnific.js?ver=5.0.1
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1bc1e0d2ce61d2d27e0f0d93be5857b709f8a1eceb9d28d943c2891b5402009

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1297514
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0898dd752900004aaf6ca0a000000001
last-modified: Tue, 20 Aug 2019 09:30:55 GMT
server: cloudflare
etag: W/"5d5bbdcf-96e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gGaoaX%2BLVXa2C7ItAXy42nF9aJq5ZhKrR4NljNopAoslbdvgvqGjZeOI2nposQaId4Lm3eXv90ugcNc1QHgGgYpdpYm3Fr6iooSJydr%2FdGfyH4jLOzHMBd4%2BWOe7kUVNt56bB40%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 62a198350c7a4aaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 front.js Show response
gdevkievezhithorosho.com/wp-content/plugins/gd-bbpress-attachments/js/ 1 KB
779 B 27ms
22ms Script
application/javascript 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gdevkievezhithorosho.com/wp-content/plugins/gd-bbpress-attachments/js/front.js?ver=3.2_b2320_free
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67f8e668fe74df826eca1f04f20bca631be9b6ed4a1ed03c8971025c544e589c

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 8095601
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0898dd752a00004aaf09971000000001
last-modified: Thu, 26 Jul 2018 12:51:08 GMT
server: cloudflare
etag: W/"5b59c3bc-441"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=t%2FWz4SSCyWjZ2qFo6GdIkrloTGfXk2%2FQmmtxd%2F3ehCcnpXrBLVdnlXdge9WgOgZ52%2Ftu1EV%2BuE%2F5%2FZoghrZW%2FS903SMyIEp4Km78JIAUNjfVbvlr0nXsdApiJhfk40nsxnBuQlM%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 62a198350c7c4aaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-embed.min.js Show response
gdevkievezhithorosho.com/wp-includes/js/ 1 KB
1 KB 44ms
39ms Script
application/javascript 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gdevkievezhithorosho.com/wp-includes/js/wp-embed.min.js?ver=5.0.1
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 8095601
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0898dd752a00004aaf07115000000001
last-modified: Thu, 11 Oct 2018 04:00:23 GMT
server: cloudflare
etag: W/"5bbecad7-57b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=E7On44%2F%2FxsBr18Y516F4wy5cMV7G7Hh50S9mf7NFMXCrZv9Gd7GF8k1dcwVXuYpI17p6VN%2FPifo3lQ94row9azVLOs2631n%2BlGE5FBZvdiJ6xT%2FuVAKWFX%2BEYMBBRIa5xwsRvug%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 62a198350c7e4aaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 91ms
32ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

d138775cce6af92fc39f461deace3f4acc1a6dbfc92fecd2614f7fcd84cd5c9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15354
x-xss-protection: 0
server: cafe
etag: 10035566082897300929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 03 Mar 2021 08:46:28 GMT

GET
H2 200 gtag-events.js Show response
gdevkievezhithorosho.com/wp-content/themes/bard/assets/ 10 KB
3 KB 32ms
29ms Script
application/javascript 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gdevkievezhithorosho.com/wp-content/themes/bard/assets/gtag-events.js
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 287fd3499fe2d3ccebe83713294e58992e3b9aee6ef69ee76500a0bb58c401c8

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 6544882
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0898dd753300004aaf0f19d000000001
last-modified: Fri, 10 Jan 2020 13:42:05 GMT
server: cloudflare
etag: W/"5e187f2d-27aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0MQEFT3rVqvvmerLtMovZWwbRZ8RIPor2POJD75d5G%2BzK%2FmcAuw%2BAp%2FycEA7R1V4yaI82YNykpVBn2ax6yLxLaZt5S9LRKVCYCxDHL2KBCwp6HLZLp5PdqFVDTvosIHhtzUk5tU%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 62a198351caa4aaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 amp-events.js Show response
gdevkievezhithorosho.com/wp-content/themes/bard/assets/ 6 KB
2 KB 32ms
29ms Script
application/javascript 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gdevkievezhithorosho.com/wp-content/themes/bard/assets/amp-events.js
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c073001054af588afa4a95c0678e4f8f09c920842f4546fecc88a40d5d5717e5

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 8123578
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0898dd753400004aaf203e8000000001
last-modified: Mon, 02 Mar 2020 10:39:57 GMT
server: cloudflare
etag: W/"5e5ce27d-17d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OF2hn1271lPWGdeejK5FDURNxq3tHv1VYpCmgRt3N7jyY%2FtERRn%2BjY5d%2FXjNjsxTiMywI4Xp6DHhPOGADX%2FDG5FIE02sJ3bIvsEHXDPtuaaWKaacNLKYSyDlq1yg8A11%2BrDcWN4%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 62a198351cac4aaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 82 KB
27 KB 34ms
17ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bbd49454237351594bd41e1a6194677be17eccc8ebce4eb60045e7d51ebcabc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 92727
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0898dd753800004e80182ad000000001
last-modified: Thu, 08 Oct 2020 23:55:07 GMT
server: cloudflare
etag: W/"146c7-5b1318fce2e58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=172800
cf-ray: 62a198352dea4e80-FRA
cf-bgj: minify

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i&ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://gdevkievezhithorosho.com
Referer: https://fonts.googleapis.com/css?family=Montserrat%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i&ver=1.0.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 19:41:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:15 GMT
server: sffe
age: 479103
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13612
x-xss-protection: 0
expires: Fri, 25 Feb 2022 19:41:25 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_bZF3g3D_vx3rCubqg.woff2
fonts.gstatic.com/s/montserrat/v15/ 8 KB
8 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_bZF3g3D_vx3rCubqg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i&ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2807363e414bd864292a9555556ce345e6046bb2c9eb090586c96848dc200a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://gdevkievezhithorosho.com
Referer: https://fonts.googleapis.com/css?family=Montserrat%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i&ver=1.0.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 03:14:13 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:52 GMT
server: sffe
age: 538335
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7984
x-xss-protection: 0
expires: Fri, 25 Feb 2022 03:14:13 GMT

GET
H2 200 fa-solid-900.woff2
gdevkievezhithorosho.com/wp-content/plugins/comments-like-dislike/css/fontawesome/webfonts/ 61 KB
61 KB 33ms
32ms Font
application/octet-stream 2606:4700:3031::ac43:ae7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gdevkievezhithorosho.com/wp-content/plugins/comments-like-dislike/css/fontawesome/webfonts/fa-solid-900.woff2
Requested by: Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/wp-content/plugins/comments-like-dislike/css/fontawesome/css/all.min.css?ver=1.0.7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ae7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f

Request headers

Origin: https://gdevkievezhithorosho.com
Referer: https://gdevkievezhithorosho.com/wp-content/plugins/comments-like-dislike/css/fontawesome/css/all.min.css?ver=1.0.7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1220
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 62472
cf-request-id: 0898dd753600004aaf4eb0c000000001
last-modified: Sat, 11 Aug 2018 06:56:54 GMT
server: cloudflare
etag: "5b6e88b6-f408"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s%2Fxaak74eiHLSeMYdfFXHct%2Bo6FKI39K7TA9rwUGtpqK%2F5Ng650dX8MyoXhHUIF4BoMKNwb8M2ZgpVuA5gH5ncrrbnNnMt3oKbP7%2BIX%2BtTd56N6qTbA7hJbN5Di4FNW1U4p8HV0%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 62a198352cb14aaf-FRA

GET
H2 200 JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i&ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://gdevkievezhithorosho.com
Referer: https://fonts.googleapis.com/css?family=Montserrat%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i&ver=1.0.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 08:37:31 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:51 GMT
server: sffe
age: 432537
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13464
x-xss-protection: 0
expires: Sat, 26 Feb 2022 08:37:31 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400i%2C600%2C600i%2C700%2C700i&ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://gdevkievezhithorosho.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400i%2C600%2C600i%2C700%2C700i&ver=1.0.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 18:15:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 138656
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Tue, 01 Mar 2022 18:15:32 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3g3D_vx3rCubqg.woff2
fonts.gstatic.com/s/montserrat/v15/ 8 KB
8 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3g3D_vx3rCubqg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i&ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b257dc12266c8455c5187bc9234d5ea37d0ef84f6d7027434e48f39108139cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://gdevkievezhithorosho.com
Referer: https://fonts.googleapis.com/css?family=Montserrat%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i&ver=1.0.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 07:15:18 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:06 GMT
server: sffe
age: 437470
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8004
x-xss-protection: 0
expires: Sat, 26 Feb 2022 07:15:18 GMT

GET
H3-Q050 200 mem8YaGs126MiZpBA-UFUZ0bf8pkAp6a.woff2
fonts.gstatic.com/s/opensans/v18/ 5 KB
6 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFUZ0bf8pkAp6a.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400i%2C600%2C600i%2C700%2C700i&ver=1.0.0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a017bfd8b7ff27e2fa869cb6beeacfd550ab2fa4955429bc460aeae8ddbf91e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://gdevkievezhithorosho.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400i%2C600%2C600i%2C700%2C700i&ver=1.0.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 06:03:22 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:19 GMT
server: sffe
age: 528186
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5608
x-xss-protection: 0
expires: Fri, 25 Feb 2022 06:03:22 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-6260742-9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 3551
date: Wed, 03 Mar 2021 07:47:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Wed, 03 Mar 2021 09:47:17 GMT

GET
H2 200 pubads_impl_2021022501.js Show response
securepubads.g.doubleclick.net/gpt/ 287 KB
101 KB 85ms
32ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060314

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

53f345cdc93f0bd09eeba83df9ed103370ac1ff2679bf9004cf336725fecd4a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 09:38:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103137
x-xss-protection: 0
expires: Wed, 03 Mar 2021 08:46:28 GMT

GET
H2 200 gdevkievezhithorosho.com.html Show response
orbit4.lun.ua/html/ Frame 25A1 5 KB
2 KB 41ms
35ms Document
text/html 35.244.154.20
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1
Requested by: Host: orbit.lun.ua
URL: https://orbit.lun.ua/js/af276720.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.154.20 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 20.154.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 7e80a9d5ebe93a11e4f89561675016b3e9adfe8d583a62611161bb8cc5f590b6

Request headers

:method: GET
:authority: orbit4.lun.ua
:scheme: https
:path: /html/gdevkievezhithorosho.com.html?temp=af276720&random=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gdevkievezhithorosho.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://gdevkievezhithorosho.com/

Response headers

x-guploader-uploadid: ABg5-Uw_BphHj_6zoog3yjNhqrYVraiQZKTttuaCYlBfrUbWpOzrg409gQUyWNlaOgxElfUaAB5YlAKVEiugmRexWYBGnwbtcA
date: Wed, 03 Mar 2021 08:46:28 GMT
expires: Wed, 03 Mar 2021 09:46:28 GMT
last-modified: Thu, 28 May 2020 08:27:49 GMT
etag: "82f7db6efaae93a7fb614f45284d91ec"
x-goog-generation: 1590654469994564
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 2050
content-type: text/html; charset=utf-8
content-encoding: gzip
x-goog-hash: crc32c=u38Cmg== md5=gvfbbvquk6f7YU9FKE2R7A==
x-goog-storage-class: REGIONAL
accept-ranges: bytes
content-length: 2050
server: UploadServer
cache-control: public, no-transform, max-age=3600
age: 0
alt-svc: clear

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 94 KB
33 KB 26ms
7ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 06:54:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6701
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33507
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Mar 2022 06:54:47 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/992223929/ 2 KB
2 KB 38ms
19ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/992223929/?random=1614761188787&cv=9&fst=1614761188787&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgdevkievezhithorosho.com%2F&tiba=%D0%93%D0%B4%D0%B5%20%D0%B2%20%D0%9A%D0%B8%D0%B5%D0%B2%D0%B5%20%D0%B6%D0%B8%D1%82%D1%8C%20%D1%85%D0%BE%D1%80%D0%BE%D1%88%D0%BE%3F%20%7C%20%D0%91%D0%BB%D0%BE%D0%B3%20%D0%BE%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B0%D1%85%20%D0%9A&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7fd14cfc3eea4db92b7f3ecd24b1797f873a4b2079b69a0e98800f1f60393b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 08:46:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1066
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UN7rgOVuhpKKSTj5PW.woff2
fonts.gstatic.com/s/opensans/v18/ 5 KB
6 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOVuhpKKSTj5PW.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400i%2C600%2C600i%2C700%2C700i&ver=1.0.0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f032294207e8ba683f350cf12b26bf73d054b427ce483a06afb66317f235194f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://gdevkievezhithorosho.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400i%2C600%2C600i%2C700%2C700i&ver=1.0.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 04:37:48 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:55 GMT
server: sffe
age: 533320
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Fri, 25 Feb 2022 04:37:48 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
394 B 48ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1344300103&t=pageview&_s=1&dl=https%3A%2F%2Fgdevkievezhithorosho.com%2F&ul=en-us&de=UTF-8&dt=%D0%93%D0%B4%D0%B5%20%D0%B2%20%D0%9A%D0%B8%D0%B5%D0%B2%D0%B5%20%D0%B6%D0%B8%D1%82%D1%8C%20%D1%85%D0%BE%D1%80%D0%BE%D1%88%D0%BE%3F%20%7C%20%D0%91%D0%BB%D0%BE%D0%B3%20%D0%BE%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B0%D1%85%20%D0%9A%D0%B8%D0%B5%D0%B2%D0%B0%2C%20%D1%84%D0%BE%D1%80%D1%83%D0%BC%20%D0%B8%20%D0%BE%D1%82%D0%B7%D1%8B%D0%B2%D1%8B&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=191170641&gjid=357953180&cid=146012872.1614761189&tid=UA-6260742-9&_gid=2063652189.1614761189&_r=1&gtm=2ou2h0&z=1860126209

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 08:46:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gdevkievezhithorosho.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 styles.css
a.mailmunch.co/app/v1/ 21 KB
3 KB 6ms
6ms Stylesheet
text/css 2600:9000:2156:6400:4:c961:9640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mailmunch.co/app/v1/styles.css
Requested by: Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6400:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 437e6e23bb4219f1dd245da75b1729666e71fbf31985189fa35be75702b8cab9

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 00:33:04 GMT
content-encoding: gzip
age: 29605
x-cache: Hit from cloudfront
content-length: 2274
access-control-allow-origin: *
last-modified: Tue, 02 Mar 2021 06:38:07 GMT
server: AmazonS3
etag: "ebadbd893e35932dd23979936b0e3218"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, POST, PUT, DELETE
content-type: text/css
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: max-age=172800
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: -_NMqAVQB1Nu53dvsgJm0MUnFsbormV-t8P9CB-3G9umgPnP89M0QQ==

GET
H/1.1 200
OK 116115 Show response
forms.mailmunch.co/sites/ 89 B
574 B 332ms
113ms XHR
application/json 52.45.2.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://forms.mailmunch.co/sites/116115
Requested by: Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.2.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-2-52.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash: 149ffe7f6fbbec63956909e28082ee74bc799079f4701eea0d459662f02d8442

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 08:46:29 GMT
Via: 1.1 vegur
Server: Cowboy
X-Powered-By: Express
Etag: W/"59-HYahHtOrH3WW2mbuIPJUtP9z0WU"
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-MM-Comp-Tracking, X-MM-EU-Continent, X-MM-T
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, X-MM-Form-Tool, X-MM-Coupons
Content-Length: 89

GET
H2 200 /
www.google.com/pagead/1p-user-list/992223929/ 42 B
164 B 18ms
18ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/992223929/?random=1614761188787&cv=9&fst=1614758400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fgdevkievezhithorosho.com%2F&tiba=%D0%93%D0%B4%D0%B5%20%D0%B2%20%D0%9A%D0%B8%D0%B5%D0%B2%D0%B5%20%D0%B6%D0%B8%D1%82%D1%8C%20%D1%85%D0%BE%D1%80%D0%BE%D1%88%D0%BE%3F%20%7C%20%D0%91%D0%BB%D0%BE%D0%B3%20%D0%BE%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B0%D1%85%20%D0%9A&fmt=3&is_vtc=1&random=2800274138&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 08:46:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/992223929/ 42 B
180 B 19ms
19ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/992223929/?random=1614761188787&cv=9&fst=1614758400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fgdevkievezhithorosho.com%2F&tiba=%D0%93%D0%B4%D0%B5%20%D0%B2%20%D0%9A%D0%B8%D0%B5%D0%B2%D0%B5%20%D0%B6%D0%B8%D1%82%D1%8C%20%D1%85%D0%BE%D1%80%D0%BE%D1%88%D0%BE%3F%20%7C%20%D0%91%D0%BB%D0%BE%D0%B3%20%D0%BE%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B0%D1%85%20%D0%9A&fmt=3&is_vtc=1&random=2800274138&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 08:46:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 35ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=gdevkievezhithorosho.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060314

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Mar 2021 08:46:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 37ms
17ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=gdevkievezhithorosho.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060314

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Mar 2021 08:46:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
3 KB 97ms
65ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2171916350422053&correlator=4290550569399166&output=ldjh&impl=fifs&eid=31060237%2C31060309%2C31060314&vrg=2021022501&ptt=17&sc=1&sfv=1-0-37&ecs=20210303&iu_parts=1021027%2C_GdeVKieve240&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C240x400&prev_scp=article_id%3Dmain&cookie_enabled=1&bc=31&abxe=1&lmt=1614761188&dt=1614761188953&dlt=1614761188550&idt=385&frm=20&biw=1600&bih=1200&oid=3&adxs=1040&adys=228&adks=76778870&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fgdevkievezhithorosho.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x600&msz=300x-1&ga_vid=146012872.1614761189&ga_sid=1614761189&ga_hid=1344300103&fws=4&ohw=300

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060314

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

67ad9609b889acaa8d163adfa2c2c3494fcdd6fe67a5ab2d6bb8dc55434523cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2426
x-xss-protection: 0
google-lineitem-id: 108262377
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138271901709
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://gdevkievezhithorosho.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
adbab034a188dcbedd93518fbf5ba648.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 30ms
13ms Other
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adbab034a188dcbedd93518fbf5ba648.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060314
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 26ms
6ms Other
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060314
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 25A1 17 KB
1015 B 41ms
28ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,700i,900,900i&display=swap

Requested by

Host: orbit4.lun.ua
URL: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9e6e797a41dfe372f1abc33939eef549eebcee45c9b66abbbe77068c68f9a98c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 03 Mar 2021 08:17:54 GMT
server: ESF
date: Wed, 03 Mar 2021 08:46:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Mar 2021 08:46:28 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 25A1 2 KB
978 B 41ms
27ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: orbit4.lun.ua
URL: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c68d781eeb01bd19249e5301c2e13974cf71f00e32efe05c043b14142c0d2a00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 03 Mar 2021 08:35:30 GMT
server: ESF
date: Wed, 03 Mar 2021 08:46:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Mar 2021 08:46:28 GMT

GET
H2 200 swiper.min.css
cdnjs.cloudflare.com/ajax/libs/Swiper/4.5.0/css/ Frame 25A1 19 KB
3 KB 25ms
12ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/Swiper/4.5.0/css/swiper.min.css

Requested by

Host: orbit4.lun.ua
URL: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f07d43571a20235b2506061c9729d91179d32b8b3c75123aa8fcd45e60d7541

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 559080
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2581
cf-request-id: 0898dd7670000006058f021000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf2-4d42"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fk9ruygTXKBe2RdpNELkwh8aaMQcA0elgmFLiaLowlrCvqlyK2jvLCelxN2wAf7jGojAphJ7wKzAxS0auer8LT7eHKlBEoJIGl8HYWXi8Bjepy6wgfiGFRU2uFAL%2BC26nA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 62a198371c2e0605-FRA
expires: Mon, 21 Feb 2022 08:46:28 GMT

GET
H3-Q050 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 25A1 56 KB
19 KB 31ms
31ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: orbit4.lun.ua
URL: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

11cb6f57e40ba6b25c3610aed3bb4035a3f2af6ec2bdf0cffdfde88b2d70e76d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "800 / 749 of 1000 / last-modified: 1614726621"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19335
x-xss-protection: 0
expires: Wed, 03 Mar 2021 08:46:29 GMT

GET
H2 200 bundle.css
storage.googleapis.com/orbit4.lun.ua/css/ Frame 25A1 5 KB
2 KB 27ms
7ms Stylesheet
text/css 2a00:1450:4001:80f::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/orbit4.lun.ua/css/bundle.css
Requested by: Host: orbit4.lun.ua
URL: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 5c8d4995b0c7913713093d6db12e8e562ced412258cf23de5508fb67e390e001

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:13:42 GMT
content-encoding: gzip
age: 1966
x-guploader-uploadid: ABg5-UzQe4clW2PC2XlU6netM-kQW4mfUMAVI_Fdp7MnquOyg4L82layJtv3xLgghC5Ls_8TvRTBA3voKR8KNKJd348
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1745
last-modified: Thu, 28 May 2020 08:27:57 GMT
server: UploadServer
etag: "f6c97e35beafc9f8f393602b1ae86c7e"
x-goog-hash: crc32c=sSknYg==, md5=9sl+Nb6vyfjzk2ArGuhsfg==
x-goog-generation: 1590654477380545
cache-control: public, no-transform, max-age=3600
x-goog-stored-content-length: 1745
accept-ranges: bytes
content-type: text/css; charset=utf-8
expires: Wed, 03 Mar 2021 09:13:42 GMT

GET
H2 200 bundle.js Show response
storage.googleapis.com/orbit4.lun.ua/js/bundle/ Frame 25A1 287 KB
82 KB 27ms
7ms Script
application/javascript 2a00:1450:4001:80f::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/orbit4.lun.ua/js/bundle/bundle.js
Requested by: Host: orbit4.lun.ua
URL: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a390ce0831821ade77bd6f4f8136265459842c4411486886006a1efc5f2d9628

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:21:45 GMT
content-encoding: gzip
age: 1483
x-guploader-uploadid: ABg5-UxqWZzaeD8Q9bE4aErWCXc5sfN-2Q-LmXTYGl6OfT9qkYN372XfDBecpJA9fZO2OcgQ4bWJNR2_6brgObpsWGFiA5lzTw
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83728
last-modified: Thu, 28 May 2020 08:27:53 GMT
server: UploadServer
etag: "0892c89c1100e4a5cde00ef612f22728"
x-goog-hash: crc32c=qI0COg==, md5=CJLInBEA5KXN4A72EvInKA==
x-goog-generation: 1590654473695509
cache-control: public, no-transform, max-age=3600
x-goog-stored-content-length: 83728
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
expires: Wed, 03 Mar 2021 09:21:45 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
452 B 41ms
14ms XHR
text/plain 2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-6260742-9&cid=146012872.1614761189&jid=191170641&gjid=357953180&_gid=2063652189.1614761189&_u=IEBAAUAAAAAAAC~&z=1511710344

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 03 Mar 2021 08:46:28 GMT
content-type: text/plain
access-control-allow-origin: https://gdevkievezhithorosho.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame 25A1 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: orbit4.lun.ua
URL: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 3552
date: Wed, 03 Mar 2021 07:47:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Wed, 03 Mar 2021 09:47:17 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 25A1 91 KB
24 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: orbit4.lun.ua
URL: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: ttxEypbIsJGthkQcpiO+MlgLI8vXFILe3hjUvhc0TNDJVX6eUBGioo524cDJ4IJUIdUpm6N70/R8JAZsle+3tg==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Wed, 03 Mar 2021 08:46:29 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
x-xss-protection: 0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
483 B 44ms
31ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-6260742-9&cid=146012872.1614761189&jid=191170641&_u=IEBAAUAAAAAAAC~&z=1667865944

Requested by

Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 08:46:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
483 B 45ms
31ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-6260742-9&cid=146012872.1614761189&jid=191170641&_u=IEBAAUAAAAAAAC~&z=1667865944

Requested by

Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 08:46:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 25A1 7 KB
7 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,700i,900,900i&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf6c28c5a080458eba26ba64a95b1fcff823944d429ccb84e8a4f3a0baf05ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://orbit4.lun.ua
Referer: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,700i,900,900i&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 19:41:27 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:40 GMT
server: sffe
age: 479102
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6720
x-xss-protection: 0
expires: Fri, 25 Feb 2022 19:41:27 GMT

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 25A1 0
0 42ms
23ms Fetch
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/orbit4.lun.ua/js/bundle/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Mar 2021 08:46:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
etag: 11455623323049291750
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private, max-age=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Wed, 03 Mar 2021 08:46:29 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 25A1 11 KB
11 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,700i,900,900i&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://orbit4.lun.ua
Referer: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,700i,900,900i&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 04:25:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 447650
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sat, 26 Feb 2022 04:25:39 GMT

GET
H3-Q050 200 ec.js Show response
www.google-analytics.com/plugins/ua/ Frame 25A1 3 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:43:31 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 178
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2779
x-xss-protection: 0
expires: Wed, 03 Mar 2021 09:43:31 GMT

GET
H2 200 728614063843886 Show response
connect.facebook.net/signals/config/ Frame 25A1 241 KB
70 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/728614063843886?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

99e0877262fea5554aec4a8898b0828c49d9dd85e1107a7ae99db6770238ef09

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70796
x-fb-rlafr: 0
pragma: public
x-fb-debug: Kr7jx0qUyYlR9yLBqWVNNo91pJ6h897gZQ5QBUSMdq3nGTIVHo+eSuTICXo0mB1NPxPFxvXJkPamRl/Gnx2rRQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 03 Mar 2021 08:46:29 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 pubads_impl_2021022501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 25A1 287 KB
101 KB 30ms
30ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

53f345cdc93f0bd09eeba83df9ed103370ac1ff2679bf9004cf336725fecd4a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 09:38:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103137
x-xss-protection: 0
expires: Wed, 03 Mar 2021 08:46:29 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
446 B 57ms
38ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=2171916350422053&r=300x600%7C240x400&w=300&h=600&a=0

Requested by

Host: gdevkievezhithorosho.com
URL: https://gdevkievezhithorosho.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 08:46:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 container.html Show response
adbab034a188dcbedd93518fbf5ba648.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 82DC 6 KB
3 KB 34ms
20ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adbab034a188dcbedd93518fbf5ba648.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060314

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adbab034a188dcbedd93518fbf5ba648.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gdevkievezhithorosho.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://gdevkievezhithorosho.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Wed, 03 Mar 2021 08:46:28 GMT
expires: Thu, 03 Mar 2022 08:46:28 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 40ms
40ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060314

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

af2e759256585da75d7057a240276d5489c9d5211b87a3be2ccad51234d91448

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614602243598683"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28399
x-xss-protection: 0
expires: Wed, 03 Mar 2021 08:46:29 GMT

GET
H3-Q050 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-37/js/ Frame 82DC 24 KB
8 KB 33ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/js/ext.js

Requested by

Host: adbab034a188dcbedd93518fbf5ba648.safeframe.googlesyndication.com
URL: https://adbab034a188dcbedd93518fbf5ba648.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c978eaee9473c367fd30eea148b6cd5233e58a317a36157c24e5dd2af62a97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adbab034a188dcbedd93518fbf5ba648.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 13:48:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68302
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7485
x-xss-protection: 0
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 13:48:07 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 82DC 107 KB
33 KB 34ms
33ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: adbab034a188dcbedd93518fbf5ba648.safeframe.googlesyndication.com
URL: https://adbab034a188dcbedd93518fbf5ba648.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adbab034a188dcbedd93518fbf5ba648.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614602225221865"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33469
x-xss-protection: 0
expires: Wed, 03 Mar 2021 08:46:29 GMT

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ Frame 25A1 107 B
799 B 48ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=orbit4.lun.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Mar 2021 08:46:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 25A1 107 B
531 B 43ms
29ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=orbit4.lun.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Mar 2021 08:46:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 25A1 26 KB
8 KB 106ms
104ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4446363004057502&correlator=1304711672502659&output=ldjh&impl=fifs&eid=31060207%2C21068031&vrg=2021022501&ptt=17&sc=1&sfv=1-0-37&ecs=20210303&iu_parts=1021027%2C_gdevkievezhithoroshoBK&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1&prev_iu_szs=320x50%2C320x50%2C320x50%2C320x50%2C320x50&fluid=height%2Cheight%2Cheight%2Cheight%2Cheight&cdm=orbit4.lun.ua&bc=31&abxe=1&lmt=1590654469&dt=1614761189145&dlt=1614761188858&idt=268&ea=0&frm=24&biw=-12245933&bih=-12245933&isw=748&ish=370&oid=3&adxs=-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933&adys=-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933&adks=1132465649%2C1132465646%2C1132465647%2C1132465644%2C1132465645&ucis=2xuufgtdoviy%7Chgh8kqr4f2q1%7Cgvbjkmceywav%7Csejqilhefr4e%7Cqfur6mamy5bf&ifi=1&ifk=390606144&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Forbit4.lun.ua%2Fhtml%2Fgdevkievezhithorosho.com.html%3Ftemp%3Daf276720%26random%3D1&ref=https%3A%2F%2Fgdevkievezhithorosho.com%2F&top=https%3A%2F%2Fgdevkievezhithorosho.com%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0%7C0x0%7C0x0%7C0x0%7C0x0&msz=0x0%7C0x0%7C0x0%7C0x0%7C0x0&ga_vid=2097189661.1614761189&ga_sid=1614761189&ga_hid=268739371&fws=384%2C384%2C384%2C384%2C384&ohw=0%2C0%2C0%2C0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e09aee078845f52f360c8e6593042d232fc58ea6ffa61a38b0bfd36f996dee63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8138
x-xss-protection: 0
google-lineitem-id: 5629600737,-2,5631136301,5628691422,5629586799
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138264062584,-2,138318560426,138296231606,138250359097
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://orbit4.lun.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 25A1 0
0 35ms
13ms Other
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 25A1 0
0 7ms
6ms Other
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 82DC 0
0 56ms
56ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssI8s6YlrUBoHOHh7Q72oBxoSHWCQieD2U5UGYv_I1PrdRd7CscsjlcWNjn8njbz4T6JC_m1DyYAL59LYnBKZSx8O2eSli5pmC0fMk7xsVBGOXTIrsq2TrsAYsmLLlFERAPqpNVQMlF_1Fh533B-8YbXxYtnRuPPedDcYrRft2S8qYAI1JI0uo5IjmrOvO5Yf_IVw6J7BpvQPKD-qPl4-4TF-KcXU6qdr5K4cgkZyYaDzGTKhBpb1aIShTbnmXJaoZ0ZHhMdJLsFBdqT1BX4YNNw_teqfZK-7iggSYe1DM6pe4W_sk-KqNt&sig=Cg0ArKJSzNIAK4b3lIjnEAE&urlfix=1&adurl=

Requested by

Host: adbab034a188dcbedd93518fbf5ba648.safeframe.googlesyndication.com
URL: https://adbab034a188dcbedd93518fbf5ba648.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adbab034a188dcbedd93518fbf5ba648.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Mar 2021 08:46:29 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 gdevkievezhithorosho.com_vertical.html Show response
orbit4.lun.ua/html/ Frame 2AF0 5 KB
2 KB 34ms
34ms Document
text/html 35.244.154.20
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://orbit4.lun.ua/html/gdevkievezhithorosho.com_vertical.html?blockID=gdevkievezhithorosho_catalog
Requested by: Host: adbab034a188dcbedd93518fbf5ba648.safeframe.googlesyndication.com
URL: https://adbab034a188dcbedd93518fbf5ba648.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.154.20 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 20.154.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 51638734fccdc1d6358090d04ffc85869fd4d54a402bd01da0d45e3a391e4025

Request headers

:method: GET
:authority: orbit4.lun.ua
:scheme: https
:path: /html/gdevkievezhithorosho.com_vertical.html?blockID=gdevkievezhithorosho_catalog
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adbab034a188dcbedd93518fbf5ba648.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://adbab034a188dcbedd93518fbf5ba648.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

x-guploader-uploadid: ABg5-UwAb3FSmHi23RVsuc5WRfiN5xi6yfVAwk7qWAWrudGjLXdoFzfpzy9B3C39Ds6OnuvdXXLs28i_8II4s7mqCtI
date: Wed, 03 Mar 2021 08:46:29 GMT
expires: Wed, 03 Mar 2021 09:46:29 GMT
last-modified: Thu, 28 May 2020 08:27:49 GMT
etag: "1ba2d97ad5efe3e23a89a8869e991650"
x-goog-generation: 1590654469929468
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 2035
content-type: text/html; charset=utf-8
content-encoding: gzip
x-goog-hash: crc32c=dYMLLQ== md5=G6LZetXv4+I6iaiGnpkWUA==
x-goog-storage-class: REGIONAL
accept-ranges: bytes
content-length: 2035
server: UploadServer
cache-control: public, no-transform, max-age=3600
age: 0
alt-svc: clear

GET
DATA 200
OK truncated
/ Frame 82DC 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a985a689204e8bdcc382099c0f6550ec8b4ee257b365fe07851f7fb8f350b5e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 82DC 0
0 93ms
63ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvrZeB7QdadkLFYqiIgGdqpfmk7Vqz41Z9Q1iZ4Gba5Hv7iUedyLOnA3PUCPj804FhNW7ffesMq7Quk2QvBy6idJrhoGvjHpmzQDfvmatJYtQ18Acp2Sl5KfWpKUfqVtD_YZHEblTwCAhMGXHVuX0KZjkFotcl_PnZ_HeFUz-QnEKsqN1DAHgRmREiIz9mVrjKx2fdrKn5O5oS9RueQciU1GuPd7N3WOxpVttfvfqmab7_8pJP_4XKPN0WToaM3rteTLKo8gvKRjk380w-cmVpSZXWhv_Ntfl-h540b37B9FPiVqYDvgEhhutI&sig=Cg0ArKJSzIWsHx247ZsFEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adbab034a188dcbedd93518fbf5ba648.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Mar 2021 08:46:29 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 03 Mar 2021 08:46:29 GMT

GET
H3-Q050 200 container.html Show response
ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 7FBD 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Wed, 03 Mar 2021 08:46:29 GMT
expires: Thu, 03 Mar 2022 08:46:29 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 container.html Show response
ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame B634 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Wed, 03 Mar 2021 08:46:29 GMT
expires: Thu, 03 Mar 2022 08:46:29 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 container.html Show response
ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 1F34 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Wed, 03 Mar 2021 08:46:29 GMT
expires: Thu, 03 Mar 2022 08:46:29 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 container.html Show response
ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame E1B0 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Wed, 03 Mar 2021 08:46:29 GMT
expires: Thu, 03 Mar 2022 08:46:29 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 25A1 74 KB
28 KB 29ms
29ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

af2e759256585da75d7057a240276d5489c9d5211b87a3be2ccad51234d91448

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614602243598683"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28399
x-xss-protection: 0
expires: Wed, 03 Mar 2021 08:46:29 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 25A1 8 KB
7 KB 54ms
41ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021022501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

406f09bf0ace9f285e6f3de068595ec0288e9b937cbdbfd0f8eeb404e7e48f3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Mar 2021 08:46:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6591
x-xss-protection: 0

GET
H2 200 settings-1614755481.json Show response
a.mailmunch.co/forms-cache/116115/ 4 KB
1 KB 20ms
6ms XHR
application/json 2600:9000:2156:6400:4:c961:9640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mailmunch.co/forms-cache/116115/settings-1614755481.json
Requested by: Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6400:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 561651fed5aedbe6bced9c19a87f2d327ef38d317d2080dc789affa3d9141f87

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 07:11:36 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 5694
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 03 Mar 2021 07:11:27 GMT
server: AmazonS3
etag: W/"8891f434f9dcb5c86faefc01fe955a97"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, POST, PUT, DELETE
content-type: application/json; charset=utf-8
via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: max-age=31556952
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 5tlLWxj7-S6cOx3XmRT6YqpGRe7OxYchg4dlHyKKrGONaBeC4Fy7ZA==

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 2AF0 17 KB
1015 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,700i,900,900i&display=swap

Requested by

Host: orbit4.lun.ua
URL: https://orbit4.lun.ua/html/gdevkievezhithorosho.com_vertical.html?blockID=gdevkievezhithorosho_catalog

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9e6e797a41dfe372f1abc33939eef549eebcee45c9b66abbbe77068c68f9a98c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com_vertical.html?blockID=gdevkievezhithorosho_catalog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 03 Mar 2021 08:10:20 GMT
server: ESF
date: Wed, 03 Mar 2021 08:46:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Mar 2021 08:46:29 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 2AF0 2 KB
608 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: orbit4.lun.ua
URL: https://orbit4.lun.ua/html/gdevkievezhithorosho.com_vertical.html?blockID=gdevkievezhithorosho_catalog

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c68d781eeb01bd19249e5301c2e13974cf71f00e32efe05c043b14142c0d2a00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com_vertical.html?blockID=gdevkievezhithorosho_catalog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 03 Mar 2021 08:40:31 GMT
server: ESF
date: Wed, 03 Mar 2021 08:46:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Mar 2021 08:46:29 GMT

GET
H2 200 swiper.min.css
cdnjs.cloudflare.com/ajax/libs/Swiper/4.5.0/css/ Frame 2AF0 19 KB
3 KB 10ms
9ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/Swiper/4.5.0/css/swiper.min.css

Requested by

Host: orbit4.lun.ua
URL: https://orbit4.lun.ua/html/gdevkievezhithorosho.com_vertical.html?blockID=gdevkievezhithorosho_catalog

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f07d43571a20235b2506061c9729d91179d32b8b3c75123aa8fcd45e60d7541

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com_vertical.html?blockID=gdevkievezhithorosho_catalog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 559081
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2581
cf-request-id: 0898dd77bd00000605b2bc6000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf2-4d42"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oZknMaM6Zpe5Q7Ub9u64Wk6OPPgU%2B43fEAhZWubVKGRGRpg%2BOPOQbzFl3xRidboVflu%2Bn1mxU4RRwmLwhOhGicbKizb017RXSZEdhK5mJzqvclqi4gIu2TWyJrk4UIYJtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 62a198392f840605-FRA
expires: Mon, 21 Feb 2022 08:46:29 GMT

GET
H3-Q050 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 2AF0 57 KB
19 KB 44ms
43ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: orbit4.lun.ua
URL: https://orbit4.lun.ua/html/gdevkievezhithorosho.com_vertical.html?blockID=gdevkievezhithorosho_catalog

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

4a01b27634f8ff7ccccd678a7dbd637d055aaf3c41c59d531ce5acb1eeb13bf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com_vertical.html?blockID=gdevkievezhithorosho_catalog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "800 / 191 of 1000 / last-modified: 1614726854"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19503
x-xss-protection: 0
expires: Wed, 03 Mar 2021 08:46:29 GMT

GET
H3-Q050 200 bundle.css
storage.googleapis.com/orbit4.lun.ua/css/ Frame 2AF0 5 KB
2 KB 28ms
15ms Stylesheet
text/css 2a00:1450:4001:80f::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/orbit4.lun.ua/css/bundle.css
Requested by: Host: orbit4.lun.ua
URL: https://orbit4.lun.ua/html/gdevkievezhithorosho.com_vertical.html?blockID=gdevkievezhithorosho_catalog
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 5c8d4995b0c7913713093d6db12e8e562ced412258cf23de5508fb67e390e001

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com_vertical.html?blockID=gdevkievezhithorosho_catalog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:13:42 GMT
content-encoding: gzip
age: 1967
x-guploader-uploadid: ABg5-UzQe4clW2PC2XlU6netM-kQW4mfUMAVI_Fdp7MnquOyg4L82layJtv3xLgghC5Ls_8TvRTBA3voKR8KNKJd348
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1745
last-modified: Thu, 28 May 2020 08:27:57 GMT
server: UploadServer
etag: "f6c97e35beafc9f8f393602b1ae86c7e"
x-goog-hash: crc32c=sSknYg==, md5=9sl+Nb6vyfjzk2ArGuhsfg==
x-goog-generation: 1590654477380545
cache-control: public, no-transform, max-age=3600
x-goog-stored-content-length: 1745
accept-ranges: bytes
content-type: text/css; charset=utf-8
expires: Wed, 03 Mar 2021 09:13:42 GMT

GET
H3-Q050 200 bundle.js Show response
storage.googleapis.com/orbit4.lun.ua/js/bundle/ Frame 2AF0 287 KB
82 KB 29ms
15ms Script
application/javascript 2a00:1450:4001:80f::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/orbit4.lun.ua/js/bundle/bundle.js
Requested by: Host: orbit4.lun.ua
URL: https://orbit4.lun.ua/html/gdevkievezhithorosho.com_vertical.html?blockID=gdevkievezhithorosho_catalog
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a390ce0831821ade77bd6f4f8136265459842c4411486886006a1efc5f2d9628

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com_vertical.html?blockID=gdevkievezhithorosho_catalog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:21:45 GMT
content-encoding: gzip
age: 1484
x-guploader-uploadid: ABg5-UxqWZzaeD8Q9bE4aErWCXc5sfN-2Q-LmXTYGl6OfT9qkYN372XfDBecpJA9fZO2OcgQ4bWJNR2_6brgObpsWGFiA5lzTw
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83728
last-modified: Thu, 28 May 2020 08:27:53 GMT
server: UploadServer
etag: "0892c89c1100e4a5cde00ef612f22728"
x-goog-hash: crc32c=qI0COg==, md5=CJLInBEA5KXN4A72EvInKA==
x-goog-generation: 1590654473695509
cache-control: public, no-transform, max-age=3600
x-goog-stored-content-length: 83728
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
expires: Wed, 03 Mar 2021 09:21:45 GMT

GET
H3-Q050 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-37/js/ Frame 7FBD 24 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/js/ext.js

Requested by

Host: ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com
URL: https://ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c978eaee9473c367fd30eea148b6cd5233e58a317a36157c24e5dd2af62a97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 13:48:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68302
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7485
x-xss-protection: 0
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 13:48:07 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7FBD 107 KB
33 KB 30ms
29ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com
URL: https://ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614602225221865"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33469
x-xss-protection: 0
expires: Wed, 03 Mar 2021 08:46:29 GMT

GET
H3-Q050 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-37/js/ Frame B634 24 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/js/ext.js

Requested by

Host: ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com
URL: https://ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c978eaee9473c367fd30eea148b6cd5233e58a317a36157c24e5dd2af62a97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 13:48:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68302
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7485
x-xss-protection: 0
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 13:48:07 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B634 107 KB
33 KB 30ms
30ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com
URL: https://ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614602225221865"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33469
x-xss-protection: 0
expires: Wed, 03 Mar 2021 08:46:29 GMT

GET
H3-Q050 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-37/js/ Frame 1F34 24 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/js/ext.js

Requested by

Host: ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com
URL: https://ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c978eaee9473c367fd30eea148b6cd5233e58a317a36157c24e5dd2af62a97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 13:48:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68302
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7485
x-xss-protection: 0
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 13:48:07 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1F34 107 KB
33 KB 30ms
30ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com
URL: https://ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614602225221865"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33469
x-xss-protection: 0
expires: Wed, 03 Mar 2021 08:46:29 GMT

GET
H3-Q050 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-37/js/ Frame E1B0 24 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/js/ext.js

Requested by

Host: ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com
URL: https://ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c978eaee9473c367fd30eea148b6cd5233e58a317a36157c24e5dd2af62a97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 13:48:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68302
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7485
x-xss-protection: 0
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 13:48:07 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E1B0 107 KB
33 KB 30ms
30ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com
URL: https://ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614602225221865"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33469
x-xss-protection: 0
expires: Wed, 03 Mar 2021 08:46:29 GMT

GET
H2 200 popover.js Show response
a.mailmunch.co/app/v1/ 9 KB
3 KB 9ms
7ms Script
text/javascript 2600:9000:2156:6400:4:c961:9640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mailmunch.co/app/v1/popover.js
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6400:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 111cea4209818a9350fc28c5ecf46ef9c0b3f3044cc7e0f8c3d197a725d3cca7

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 11:21:40 GMT
content-encoding: gzip
age: 77090
x-cache: Hit from cloudfront
content-length: 2245
access-control-allow-origin: *
last-modified: Tue, 02 Mar 2021 06:37:59 GMT
server: AmazonS3
etag: "7b9b4bf061035a5cf65e7eb4bd79149f"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, POST, PUT, DELETE
content-type: text/javascript
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: max-age=172800
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 3KgDV1VV9OxAQVGZaWRYdHKag7JDxrL4RmpvwHIvFogqi-tDHqpLog==

GET
H2 200 topbar.js Show response
a.mailmunch.co/app/v1/ 3 KB
1 KB 9ms
7ms Script
text/javascript 2600:9000:2156:6400:4:c961:9640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mailmunch.co/app/v1/topbar.js
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6400:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: de98a2689c82724e7b0c3e981fe54d8a80aa030149a235f9379e9c75c767a87e

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 22:56:51 GMT
content-encoding: gzip
age: 35379
x-cache: Hit from cloudfront
content-length: 1011
access-control-allow-origin: *
last-modified: Tue, 02 Mar 2021 06:38:01 GMT
server: AmazonS3
etag: "98f0010605593e459320ec5a443a312a"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, POST, PUT, DELETE
content-type: text/javascript
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: max-age=172800
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 0FJEMJ2_UmPOggJrMe5WuEka2bEKm8adHBxWv5GV2Yjs_a8jxbFYdg==

GET
H2 200 sidebar.js Show response
a.mailmunch.co/app/v1/ 3 KB
1 KB 9ms
7ms Script
text/javascript 2600:9000:2156:6400:4:c961:9640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mailmunch.co/app/v1/sidebar.js
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6400:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 03b91cc6b7b75f6aa9e1015ded5196298213496512857cbba8ac41a23ae06c13

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 23:42:02 GMT
content-encoding: gzip
age: 119068
x-cache: Hit from cloudfront
content-length: 842
access-control-allow-origin: *
last-modified: Sat, 27 Feb 2021 13:42:24 GMT
server: AmazonS3
etag: "2ca4c7727e84ca0ed208ae79d452266a"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, POST, PUT, DELETE
content-type: text/javascript
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: max-age=172800
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: IVVAgDafqNgf5Bu885kPS5yBx34JVxf6yhWNiM5zGjPdieLgW3Ep6Q==

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame 2AF0 46 KB
19 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: orbit4.lun.ua
URL: https://orbit4.lun.ua/html/gdevkievezhithorosho.com_vertical.html?blockID=gdevkievezhithorosho_catalog

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com_vertical.html?blockID=gdevkievezhithorosho_catalog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 3552
date: Wed, 03 Mar 2021 07:47:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Wed, 03 Mar 2021 09:47:17 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 2AF0 91 KB
23 KB 8ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: orbit4.lun.ua
URL: https://orbit4.lun.ua/html/gdevkievezhithorosho.com_vertical.html?blockID=gdevkievezhithorosho_catalog

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com_vertical.html?blockID=gdevkievezhithorosho_catalog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: ttxEypbIsJGthkQcpiO+MlgLI8vXFILe3hjUvhc0TNDJVX6eUBGioo524cDJ4IJUIdUpm6N70/R8JAZsle+3tg==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Wed, 03 Mar 2021 08:46:29 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
x-xss-protection: 0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7FBD 0
0 60ms
57ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss7WFpHptx7wPYFWCBYLSHAX07OCoLAyJOhidwKnUpwMydc6zDLO2rP0Xtp6c-sSg8WGvSyNf1Pz7EQjlBlvZBd21E9eMTdkmYodoKYWutKlw2jjQ3oKkogVmuzAhQGyYT52QNTPmRak4CxJFEK-rhYrgFt_gLAYwE1n24klnXFQ2eySo7r0xYxzkOu_ImM97FLNE1GnwEFyT0cTaLlumTcs4GpYUv6f5-FYzdafsiEvssy-g_ohFO3Qv5ghjiqrIhjc2aprYH2dbVZUhnuKsLx0Pj61i4y1bwpknGrwBNrQ-A4EIEhRa4Pq4p7K3JR390&sig=Cg0ArKJSzCrMzgoHzrebEAE&urlfix=1&adurl=

Requested by

Host: ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com
URL: https://ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Mar 2021 08:46:29 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame B634 0
0 58ms
57ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJEGnBEf-fEPLXpfcrI-kYW-Kc2p2iJ5BzEjJmaSltNfsOWJ8ZBOsT1kkV_b36Eqo6yBaqUvo7i-OHwChriP5COSh33RqRcwDT4oMlWe-X6oyIfHdJD0rALIe9441xqW6mnjKLyqYDkdMJ7SXfh_gGdybVgQCQAi_yVetpwx9hc63zSo5mX0ss7OuUQE0b9LFC7-Trao57_auzkBs24ZDtpAUEF2sXNsVWYpTwwGEY70gdbK3U9_MuGS1DKNvObF77ItyaL6qXQAi1mT7FwZYhMQlZ1Lrw3v56CREnljw6dZLLUw7L-zuGJVrAjj_dGjY&sig=Cg0ArKJSzEfKMddzL8gVEAE&urlfix=1&adurl=

Requested by

Host: ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com
URL: https://ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Mar 2021 08:46:29 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1F34 0
0 57ms
56ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst31lJV2l6T9nL6WfcjCNA56gz0nPGErzzzeeRjx9Vm3yhiklFFFD0d-JQkbVVqp1jjp4SvHfd02w1nW1MObjqWAs8eExJd9jt0qt-W5y5s3rV_txjyhkB-6QVjg27SygGLhwBqPIFf10TVTRPIsjLr7vHl_JjvlKPBWEu7iHcUVg2uGJvIFMy_KfUQy2-OIeFxHyiPVDlNcwdn85ThsLg7TYjkl8VdjQkZqMdbzwzzmX4ZmRfulSgygj6X3nKbWxHvGhRjjEq9Dxf1mXqThhnf69Tz-AloLgiYvEjGZ_pJJKZAE83191znzTWydhTS-p4&sig=Cg0ArKJSzI0QWootBrcVEAE&urlfix=1&adurl=

Requested by

Host: ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com
URL: https://ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Mar 2021 08:46:29 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame E1B0 0
0 57ms
57ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsteA5Xf42lnrXPZMkgdFJweHrSDhwUCPlTfnS7-V0Qlnge3rCTMsmwOJIVrHXd79jMPDiI4Fozcm2KTLKlZgUmKniDBBhnPgW4kNwwDOyOjjek_p7GZHyuYosLo21AXexfLDHyiK-S1BSGCR1Cu3a7kf8ir0OAbx1UmwR4Phq7gHIsQi2NUJK39_cSJgJ0kKbchLKUj4rwDHunKb8EVz72xGr8GRmzHIgEB5VbEILZIhVVeBWLxKwrVv2hCF9oEJjOaN4gY43oFpV2RKUfD1CeIkhrDESKtOmSZSb14zXRyw6vg-HpAp868TE4E7nkE4hE&sig=Cg0ArKJSzJpPV71pJYyFEAE&urlfix=1&adurl=

Requested by

Host: ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com
URL: https://ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Mar 2021 08:46:29 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 index-1586421174.html Show response
a.mailmunch.co/forms-cache/116115/774767/ 110 KB
39 KB 9ms
9ms XHR
text/html 2600:9000:2156:6400:4:c961:9640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mailmunch.co/forms-cache/116115/774767/index-1586421174.html
Requested by: Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6400:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2526c88d4830163043333bface2b3f7e20b7747a465118eb50961dca624d97a

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 07:34:16 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 2077933
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 03 Sep 2020 09:23:00 GMT
server: AmazonS3
etag: W/"7afda55027fde92e4921320ee68cd2c4"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, POST, PUT, DELETE
content-type: text/html; charset=utf-8
via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: max-age=31556952
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: lSjMlFQJ3jYfMUOeimtZs-At3QFatgclyBzOOf26bd2GgGHBobHbPQ==

GET
H2 200 index-1591366385.html Show response
a.mailmunch.co/forms-cache/116115/151662/ 111 KB
39 KB 12ms
12ms XHR
text/html 2600:9000:2156:6400:4:c961:9640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mailmunch.co/forms-cache/116115/151662/index-1591366385.html
Requested by: Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6400:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6699a50c92575f0c5b14b6052ce03ff715f11b07ace5ab8b83a1efcc113c0bf4

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 05:20:13 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 5369177
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 03 Sep 2020 09:23:00 GMT
server: AmazonS3
etag: W/"3c2900cb3714f85cd1c895677a6ad778"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, POST, PUT, DELETE
content-type: text/html; charset=utf-8
via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: max-age=31556952
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: mDwyKIuN1XuqWd4j5ZghLKxtv83PXynDnQyGUGo__j7GgWqccfqggQ==

GET
H2 200 index-1554820229.html Show response
a.mailmunch.co/forms-cache/116115/768709/ 110 KB
39 KB 11ms
10ms XHR
text/html 2600:9000:2156:6400:4:c961:9640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mailmunch.co/forms-cache/116115/768709/index-1554820229.html
Requested by: Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6400:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27bf62107a104ddcbcac2550e38c8fe95530427cabad47befa5c5103f5d1c9d0

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Sep 2020 05:56:27 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 14439002
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 03 Sep 2020 09:23:00 GMT
server: AmazonS3
etag: W/"d480112b86e6bbcda4db807b8c55f457"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, POST, PUT, DELETE
content-type: text/html; charset=utf-8
via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: max-age=31556952
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: siP_njtBtVbQrzYr5ATV-zSf4eJBP0RTVxLCnHdXRAdg2OMycBNazQ==

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 2AF0 7 KB
7 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,700i,900,900i&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf6c28c5a080458eba26ba64a95b1fcff823944d429ccb84e8a4f3a0baf05ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://orbit4.lun.ua
Referer: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,700i,900,900i&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 19:41:27 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:40 GMT
server: sffe
age: 479102
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6720
x-xss-protection: 0
expires: Fri, 25 Feb 2022 19:41:27 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 25A1 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Wed, 03 Mar 2021 08:46:29 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 2AF0 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,700i,900,900i&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://orbit4.lun.ua
Referer: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,700i,900,900i&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 04:25:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 447650
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sat, 26 Feb 2022 04:25:39 GMT

HEAD
H3-Q050 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 2AF0 0
0 23ms
23ms Fetch
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/orbit4.lun.ua/js/bundle/bundle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com_vertical.html?blockID=gdevkievezhithorosho_catalog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50133
x-xss-protection: 0
server: cafe
etag: 11455623323049291750
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 03 Mar 2021 08:46:29 GMT

GET
H3-Q050 200 ec.js Show response
www.google-analytics.com/plugins/ua/ Frame 2AF0 3 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com_vertical.html?blockID=gdevkievezhithorosho_catalog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:43:31 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 178
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2779
x-xss-protection: 0
expires: Wed, 03 Mar 2021 09:43:31 GMT

GET
H2 200 728614063843886 Show response
connect.facebook.net/signals/config/ Frame 2AF0 241 KB
69 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/728614063843886?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

99e0877262fea5554aec4a8898b0828c49d9dd85e1107a7ae99db6770238ef09

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com_vertical.html?blockID=gdevkievezhithorosho_catalog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70796
x-fb-rlafr: 0
pragma: public
x-fb-debug: Kr7jx0qUyYlR9yLBqWVNNo91pJ6h897gZQ5QBUSMdq3nGTIVHo+eSuTICXo0mB1NPxPFxvXJkPamRl/Gnx2rRQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 03 Mar 2021 08:46:29 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7FBD 0
0 57ms
57ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuq6OO0_UqlXaTiS8hN4MaUXnSjaAl62WJUt8mU7R7XLdQ-A1J0wfx0d1g5u5TcG03lvG8BqhlPdpmBYcp8kTN4l4l33luejSpgJ3QpliJ1uihXleX8yjqDLHmz3xGiMLw5JTceUWKmMlDswtVQtn26YEtmkdSqzDAPW7_c70lAL3oSEoymAPd-o1OLiMRug89HibdV1TENXyjy0bPezc0NfzBNdh7qCld_DC3n58cRRJhFvlw0kKT-npZk5nWcAE7VdcZmt4Yu0VXEcpIhpESDh9iiPRoQJcCpn8wm8h0bCl15ycDOrY0dUGeCrx8FYbVlBw&sig=Cg0ArKJSzK_CU0_4_fnJEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Mar 2021 08:46:29 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 03 Mar 2021 08:46:29 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame B634 0
0 57ms
56ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvPj3mMYatWOBGGOWqp18v3G7USDI56TZue4uVSpdjXybqgGb8rCKKrnKflNoILwxdlFZ_20wapCvBKzE4Ni-muSIcZYHZYM3afMqZfR0yALabtma8e7WAHG1MvjXbeOqghuKc2IJQ8g3LW129O-yC2zBY1LyLWGcNRJqxHAJikX9gi5pkHrHRv0qY6pAHA66YYdn5h-H3M6jeqUCHDLmJG75c53lkdI7k-ZsTmShWILWwxKWlnnMzddTNOyIZGu7cIApeTtFizac82NKT_yAoY4oshUa8qQJwaYrLJVOfeKJyVueijv_5P0J74legCfxVzAQ&sig=Cg0ArKJSzI6AC4jjUVmmEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Mar 2021 08:46:29 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 03 Mar 2021 08:46:29 GMT

GET
H2 200 index.css
a.mailmunch.co/v2/themes/mailmunch/simple/popover/ Frame 4E57 8 KB
4 KB 6ms
6ms Stylesheet
text/css 2600:9000:2156:6400:4:c961:9640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mailmunch.co/v2/themes/mailmunch/simple/popover/index.css
Requested by: Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6400:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c0c394da8d74dbd52fb6b05fe19e4c01b583af5dda0cafdb2df0788e0c402dba

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 18:12:08 GMT
content-encoding: gzip
age: 52462
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 08 Jan 2020 12:44:12 GMT
server: AmazonS3
etag: W/"356ca1b91209d27c3d0787851b99e4fd"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, POST, PUT, DELETE
content-type: text/css
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: max-age=172800
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: qJfZWPE19uQZhyhJEi_7RAI1EyIyrE5QqEbsL_4BdMhNRr1e_GdmxQ==

GET
H2 200 kisspng-envelope-company-business-constellation-vector-5adcd7fd365a21.3848036615244226532226.png
a.mailmunch.co/attachments/assets/000/122/746/large/ Frame 4E57 3 KB
4 KB 7ms
7ms Image
image/png 2600:9000:2156:6400:4:c961:9640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.mailmunch.co/attachments/assets/000/122/746/large/kisspng-envelope-company-business-constellation-vector-5adcd7fd365a21.3848036615244226532226.png?1555597278
Requested by: Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6400:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2b4f4833fe7b2e395e83ce26a8638d722c40006a3060ba0e3bd1b72f8318eb45

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 02 Jan 2021 09:16:04 GMT
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
age: 5182226
x-cache: Hit from cloudfront
content-length: 3128
last-modified: Thu, 18 Apr 2019 14:21:20 GMT
server: AmazonS3
etag: "f7a0a07cea9b70d1ca83a8a303166c1f"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, POST, PUT, DELETE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=31556952
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 1dN4nttwsLWgl3EOLSIX-n6cLn43e5qxd5qq-wl5xXRwJcEw7kFusA==
expires: Sat, 18 Apr 2020 14:21:18 GMT

GET
H2 200 index.css
a.mailmunch.co/v2/themes/mailmunch/simple/topbar/ Frame C266 13 KB
6 KB 6ms
6ms Stylesheet
text/css 2600:9000:2156:6400:4:c961:9640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mailmunch.co/v2/themes/mailmunch/simple/topbar/index.css
Requested by: Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6400:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 58f2ad06039b9c8f1d904e32e598e7cf52d2c9c487be46fc74e28c69722c66d3

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 12:32:13 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 159257
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 09 Jan 2020 00:56:27 GMT
server: AmazonS3
etag: W/"143210960bb558c27744cdc0959eda91"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, POST, PUT, DELETE
content-type: text/css
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: max-age=172800
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: -2ralpC-vPcKQCrgaUAW6hygRuhdKt89rLG6XGcqKSuzIoneFjg6AQ==

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1F34 0
0 57ms
57ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvzoLkck4U3YncGaJ5KvzP322Rlps8sgXzIBwI-dHLNilZkws0CQsFK8tMKRE0J3ncmntX69nON3qpVLcZd1Dm3g0x-JjESk5iQHLuuteSvh3DYXU5QbjLVFsJQXkn5cVE0yPGz2ZhZGw8pKQMJD5NMDcQqXyk49-lS-hnFt-fQ8_tvNkOqx9_JR5viC5fus20YrjZ1G_CwYCdwAuVXrZmmfDyH9mm7CUexwamt3mwYsfhaSb4OdjIK6Bhs1gme4svzMBH1gaCkBdZLHxDR5Xy4_xsRKIAE_bnREV4MAj3iOlqM3qk4GxnDRhikWWFfPNczcg&sig=Cg0ArKJSzPBRHlmMLWunEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Mar 2021 08:46:29 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 03 Mar 2021 08:46:29 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame E1B0 0
0 56ms
56ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuf_7x7PiKf-rab6KzpfufmKyGSatrJoNwHNKuZKSPjTqFU2G6TB4PVGcaZYclyhsjzY1ShXJUEiD4B4uHZcDkY2o9Y8fKD1wb6yDuYOHNh4EZm-sRpmVF8pJxHuZPYzEpRRo1hdJUc6A4sTQiQi_eikfiofMdQsgJjMabykKxiYKTdEdd8y3eFKpeh0sxU_WWw3xGGoL9vT9WJrcl6aZlSVvyWppJbovgAyzID4WKnY9rqu5gFHDr6zbZwBY9Hjd6JEH0n1NhGi6QuieCxRfqRX6q5zuQTi8RmPUqHx4FR7mkGmmnRTb_Za3dyaTXv86tW0A&sig=Cg0ArKJSzLEs46tjID9bEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Mar 2021 08:46:29 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 03 Mar 2021 08:46:29 GMT

GET
H3-Q050 200 pubads_impl_2021030101.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 2AF0 282 KB
99 KB 30ms
29ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060315

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

c183713781265a2abdc03eab5050b102a17a1170eaa908604e61fc9f07c9aad4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com_vertical.html?blockID=gdevkievezhithorosho_catalog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 09:37:48 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101543
x-xss-protection: 0
expires: Wed, 03 Mar 2021 08:46:29 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 4E57 4 KB
665 B 14ms
13ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:700,400

Requested by

Host: a.mailmunch.co
URL: https://a.mailmunch.co/v2/themes/mailmunch/simple/popover/index.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9c88bbf6795ced59fe226716a4b1221bdb548e874e2600e5eba42c35aac8e7fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://a.mailmunch.co/v2/themes/mailmunch/simple/popover/index.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 03 Mar 2021 08:11:37 GMT
server: ESF
date: Wed, 03 Mar 2021 08:46:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Mar 2021 08:46:29 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame C266 4 KB
665 B 13ms
13ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:700,400

Requested by

Host: a.mailmunch.co
URL: https://a.mailmunch.co/v2/themes/mailmunch/simple/topbar/index.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9c88bbf6795ced59fe226716a4b1221bdb548e874e2600e5eba42c35aac8e7fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://a.mailmunch.co/v2/themes/mailmunch/simple/topbar/index.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 03 Mar 2021 08:32:20 GMT
server: ESF
date: Wed, 03 Mar 2021 08:46:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Mar 2021 08:46:29 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 271B 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Wed, 03 Mar 2021 08:43:58 GMT
expires: Thu, 03 Mar 2022 08:43:58 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 151
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 4E57 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc139bb571ba15adcd2e6f37859679ce715e5de67720f0724595e5b8a6dfe9b5

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 4E57 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700,400

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://gdevkievezhithorosho.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:700,400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 18:15:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 138657
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Tue, 01 Mar 2022 18:15:32 GMT

GET
H3-Q050 200 mem8YaGs126MiZpBA-UFUZ0bf8pkAp6a.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 4E57 5 KB
6 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFUZ0bf8pkAp6a.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700,400

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a017bfd8b7ff27e2fa869cb6beeacfd550ab2fa4955429bc460aeae8ddbf91e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://gdevkievezhithorosho.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:700,400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 06:03:22 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:19 GMT
server: sffe
age: 528187
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5608
x-xss-protection: 0
expires: Fri, 25 Feb 2022 06:03:22 GMT

GET
DATA 200
OK truncated
/ Frame C266 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0de138c5c18bdf06f86d3f0f86784fb5cf679f47fe04a1912d28e8605908115

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ Frame C266 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700,400

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://gdevkievezhithorosho.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:700,400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 18:15:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 138657
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Tue, 01 Mar 2022 18:15:32 GMT

GET
DATA 200
OK truncated
/ Frame C266 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65dd55d388f1ba7e3faa01ccbd042e858cd06efd86f8d4fdd480e38ff99244ce

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 mem8YaGs126MiZpBA-UFUZ0bf8pkAp6a.woff2
fonts.gstatic.com/s/opensans/v18/ Frame C266 5 KB
6 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFUZ0bf8pkAp6a.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700,400

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a017bfd8b7ff27e2fa869cb6beeacfd550ab2fa4955429bc460aeae8ddbf91e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://gdevkievezhithorosho.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:700,400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 06:03:22 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:19 GMT
server: sffe
age: 528187
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5608
x-xss-protection: 0
expires: Fri, 25 Feb 2022 06:03:22 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.nl/adsid/ Frame 2AF0 107 B
777 B 42ms
29ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=orbit4.lun.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060315

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com_vertical.html?blockID=gdevkievezhithorosho_catalog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Mar 2021 08:46:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 2AF0 107 B
123 B 16ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=orbit4.lun.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060315

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com_vertical.html?blockID=gdevkievezhithorosho_catalog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Mar 2021 08:46:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 2AF0 14 KB
5 KB 77ms
77ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3056669988649253&correlator=3033486697909692&output=ldjh&impl=fifs&eid=31060315%2C21068031%2C21069730%2C44738207&vrg=2021030101&ptt=17&sc=1&sfv=1-0-37&ecs=20210303&iu_parts=1021027%2C_gdevkievezhithoroshoBK4&enc_prev_ius=%2F0%2F1%2C%2F0%2F1&prev_iu_szs=320x50%2C320x50&fluid=height%2Cheight&cdm=orbit4.lun.ua&bc=31&abxe=1&lmt=1590654469&dt=1614761189646&dlt=1614761189256&idt=373&ea=0&frm=8&biw=-12245933&bih=-12245933&isw=300&ish=600&oid=3&adxs=-12245933%2C-12245933&adys=-12245933%2C-12245933&adks=4152061779%2C4152061778&ucis=8jhlca98tmg4%7Cn03kjvnlgdry&ifi=1&ifk=581806974&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Forbit4.lun.ua%2Fhtml%2Fgdevkievezhithorosho.com_vertical.html%3FblockID%3Dgdevkievezhithorosho_catalog&ref=https%3A%2F%2Fadbab034a188dcbedd93518fbf5ba648.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-37%2Fhtml%2Fcontainer.html&top=https%3A%2F%2Fadbab034a188dcbedd93518fbf5ba648.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-37%2Fhtml%2Fcontainer.html&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0%7C0x0&msz=0x0%7C0x0&ga_vid=1329585633.1614761189&ga_sid=1614761190&ga_hid=846262328&fws=384%2C384&ohw=0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060315

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

c2ce0c5fd6109ab746f6cfd9650afa8f43c7845e25a9fe441ab23761b5489af0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com_vertical.html?blockID=gdevkievezhithorosho_catalog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5390
x-xss-protection: 0
google-lineitem-id: 5630156393,5628624708
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138257386788,138323752369
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://orbit4.lun.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
2e74dbafde1ff62842abd3bfbbaca9c0.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 2AF0 0
0 28ms
13ms Other
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://2e74dbafde1ff62842abd3bfbbaca9c0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060315
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com_vertical.html?blockID=gdevkievezhithorosho_catalog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 2AF0 0
0 6ms
6ms Other
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060315
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com_vertical.html?blockID=gdevkievezhithorosho_catalog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ekTeMRkTLAgqvKQxAlWoBzU2ULO22MBqypBxObrNBXw.js Show response
pagead2.googlesyndication.com/bg/ Frame 271B 14 KB
6 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ekTeMRkTLAgqvKQxAlWoBzU2ULO22MBqypBxObrNBXw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a44de3119132c082abca4310255a807353650b3b6d8c06aca907139bacd057c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 22:31:39 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Feb 2021 00:45:00 GMT
server: sffe
age: 123290
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5735
x-xss-protection: 0
expires: Tue, 01 Mar 2022 22:31:39 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 19ms
18ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021022501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060314

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db71201ee95275344ef1425061018f1d05a6501a505c3f6788d30d79dfe05c0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Mar 2021 08:46:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6460
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060314

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Wed, 03 Mar 2021 08:46:29 GMT

GET
H3-Q050 200 container.html Show response
2e74dbafde1ff62842abd3bfbbaca9c0.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame AA36 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2e74dbafde1ff62842abd3bfbbaca9c0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060315

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 2e74dbafde1ff62842abd3bfbbaca9c0.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html?n=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com_vertical.html?blockID=gdevkievezhithorosho_catalog
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com_vertical.html?blockID=gdevkievezhithorosho_catalog

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Wed, 03 Mar 2021 08:46:29 GMT
expires: Thu, 03 Mar 2022 08:46:29 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 container.html Show response
2e74dbafde1ff62842abd3bfbbaca9c0.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 2124 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2e74dbafde1ff62842abd3bfbbaca9c0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060315

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 2e74dbafde1ff62842abd3bfbbaca9c0.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html?n=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com_vertical.html?blockID=gdevkievezhithorosho_catalog
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com_vertical.html?blockID=gdevkievezhithorosho_catalog

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Wed, 03 Mar 2021 08:46:29 GMT
expires: Thu, 03 Mar 2022 08:46:29 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2AF0 74 KB
28 KB 30ms
30ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060315

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

af2e759256585da75d7057a240276d5489c9d5211b87a3be2ccad51234d91448

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com_vertical.html?blockID=gdevkievezhithorosho_catalog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614602243598683"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28399
x-xss-protection: 0
expires: Wed, 03 Mar 2021 08:46:29 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2AF0 8 KB
6 KB 18ms
18ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021030101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060315

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c0703e38a9a060859fd825ef1bb974f6313d0380e2eb39e475cd6b487520a9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com_vertical.html?blockID=gdevkievezhithorosho_catalog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Mar 2021 08:46:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6502
x-xss-protection: 0

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 0FA9 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gdevkievezhithorosho.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://gdevkievezhithorosho.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Wed, 03 Mar 2021 08:43:58 GMT
expires: Thu, 03 Mar 2022 08:43:58 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 151
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2AF0 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060315

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com_vertical.html?blockID=gdevkievezhithorosho_catalog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Wed, 03 Mar 2021 08:46:29 GMT

GET
H3-Q050 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-37/js/ Frame AA36 24 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/js/ext.js

Requested by

Host: 2e74dbafde1ff62842abd3bfbbaca9c0.safeframe.googlesyndication.com
URL: https://2e74dbafde1ff62842abd3bfbbaca9c0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c978eaee9473c367fd30eea148b6cd5233e58a317a36157c24e5dd2af62a97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2e74dbafde1ff62842abd3bfbbaca9c0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 13:48:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68302
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7485
x-xss-protection: 0
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 13:48:07 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AA36 107 KB
33 KB 30ms
29ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 2e74dbafde1ff62842abd3bfbbaca9c0.safeframe.googlesyndication.com
URL: https://2e74dbafde1ff62842abd3bfbbaca9c0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2e74dbafde1ff62842abd3bfbbaca9c0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614602225221865"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33469
x-xss-protection: 0
expires: Wed, 03 Mar 2021 08:46:29 GMT

GET
H3-Q050 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-37/js/ Frame 2124 24 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/js/ext.js

Requested by

Host: 2e74dbafde1ff62842abd3bfbbaca9c0.safeframe.googlesyndication.com
URL: https://2e74dbafde1ff62842abd3bfbbaca9c0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c978eaee9473c367fd30eea148b6cd5233e58a317a36157c24e5dd2af62a97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2e74dbafde1ff62842abd3bfbbaca9c0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 13:48:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68302
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7485
x-xss-protection: 0
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 13:48:07 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2124 107 KB
33 KB 30ms
29ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 2e74dbafde1ff62842abd3bfbbaca9c0.safeframe.googlesyndication.com
URL: https://2e74dbafde1ff62842abd3bfbbaca9c0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2e74dbafde1ff62842abd3bfbbaca9c0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614602225221865"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33469
x-xss-protection: 0
expires: Wed, 03 Mar 2021 08:46:29 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 59E2 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com_vertical.html?blockID=gdevkievezhithorosho_catalog
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com_vertical.html?blockID=gdevkievezhithorosho_catalog

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Wed, 03 Mar 2021 08:43:58 GMT
expires: Thu, 03 Mar 2022 08:43:58 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 151
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame AA36 0
0 56ms
56ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstq94BrHicnt3SBzPGNx-3tcwrUXw4NpZE47KpPSH8JfBIPGA3XsjF0hkWYf2izBbCuTOyJDy_AKrHGU4CGXLIPgkpJipcws_dRjGtgNzLMpBuH23KlMuLMoFseiH-QSWVRAjPR-MGbUwkw0MUsBJI6ZrREzPEumQ0Y_cKp4y_rbdg4lMrlOukJ01KdEOCf_vLC0DeLr5vPE9jgQv8jWuoO48IpQFGGOaEcCR3UVkF1vIl1RilUhT9dNsYp9N8g47n4F6v8PoM-e2bCXPbmdlkivYSZ2ze8-5nsnUgvl7GQgXM8Awzxt6D7BtkMZhcrS2p0&sig=Cg0ArKJSzKOu39MwwX5GEAE&urlfix=1&adurl=

Requested by

Host: 2e74dbafde1ff62842abd3bfbbaca9c0.safeframe.googlesyndication.com
URL: https://2e74dbafde1ff62842abd3bfbbaca9c0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2e74dbafde1ff62842abd3bfbbaca9c0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Mar 2021 08:46:29 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2124 0
0 57ms
57ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsspUCPzPxNfB2kG9BpY_wvBFO7LhldslWIh2yy-7kEiOKcfonwGOrXy3mL5CO7bYke9LmSEbD1Ir1lu-IJOF33TY3owrydWeK94KUjOfE9eEkASO2NOw1SJ534_nUqPTej9z857MijmmzxO7zgVvalxS5ToguOsZxs_LoMYxwasTV4xyNABUER-DYuE_btbFfOKWAEu-dgxQiooMm_c9iWIHws4N4oIAsQatQM8YcfUP6cYLXLfQ-6HdY1WU-7ocebbMjFaN3xMHJ62cT0veiB3c1qgduREClfbMRByStbCOqjKeK17tTvdYWzD4I0UPsHk&sig=Cg0ArKJSzKSr6p0hATqeEAE&urlfix=1&adurl=

Requested by

Host: 2e74dbafde1ff62842abd3bfbbaca9c0.safeframe.googlesyndication.com
URL: https://2e74dbafde1ff62842abd3bfbbaca9c0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2e74dbafde1ff62842abd3bfbbaca9c0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Mar 2021 08:46:29 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 ekTeMRkTLAgqvKQxAlWoBzU2ULO22MBqypBxObrNBXw.js Show response
pagead2.googlesyndication.com/bg/ Frame 0FA9 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ekTeMRkTLAgqvKQxAlWoBzU2ULO22MBqypBxObrNBXw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a44de3119132c082abca4310255a807353650b3b6d8c06aca907139bacd057c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 22:31:39 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Feb 2021 00:45:00 GMT
server: sffe
age: 123290
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5735
x-xss-protection: 0
expires: Tue, 01 Mar 2022 22:31:39 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame AA36 0
0 57ms
56ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssyBH28X1Ee02_RD9VxjIBILhXG1kZy7Z0OrZleCGoUQphx8zOn5HfBGVGrXDT1pSAXIqIgpH8JvRCiDG0slD4yb16w5pitNwSOslkTp_NJyg8hoTUMe-ScjlxqtSX0el-lENatfaPYUOTHHWjrWodV4HxdQ6U2QxVm_xcSLX6d__g4RnIxm8er-KdDcxdbV3aU9sdGFAx7T50IC9u0T0QZE7RATHOdJ4R_xrwVf9OjMTNk2xWcqTMqZridEov0HWyBfRUS46o6-usc8joTsHCZp2WLjptxX-H3eSY7_bgPfwu1ivX010KQBXy3R6eRijP0gMo&sig=Cg0ArKJSzEia73UAm-8FEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2e74dbafde1ff62842abd3bfbbaca9c0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Mar 2021 08:46:29 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 03 Mar 2021 08:46:29 GMT

GET
H/1.1 200
OK /
analytics.mailmunch.co/event/ 35 B
344 B 341ms
109ms Image
image/gif 3.216.182.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.mailmunch.co/event/?site_id=116115&widget_id=151662&event_name=views&cache=1614761189891&referrer=https%3A%2F%2Fgdevkievezhithorosho.com%2F&visitor_id=78bdd9c0-e875-46f9-be2a-9f42737d16f9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.182.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-182-123.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 08:46:30 GMT
Via: 1.1 vegur
Server: Cowboy
X-Powered-By: Express
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 /
www.facebook.com/tr/ Frame 2AF0 44 B
409 B 18ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=728614063843886&ev=PageView&dl=https%3A%2F%2Forbit4.lun.ua%2Fhtml%2Fgdevkievezhithorosho.com_vertical.html%3FblockID%3Dgdevkievezhithorosho_catalog&rl=https%3A%2F%2Fadbab034a188dcbedd93518fbf5ba648.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-37%2Fhtml%2Fcontainer.html&if=true&ts=1614761189895&cd[ad_segment]=1&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&it=1614761189465&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com_vertical.html?blockID=gdevkievezhithorosho_catalog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:29 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 03 Mar 2021 08:46:29 GMT

GET
H3-Q050 200 9681404921154138205
tpc.googlesyndication.com/simgad/ Frame 2AF0 123 KB
123 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9681404921154138205?

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9e65da0dc2ba258683637a95a31ec96b8aa23e45195b867b15c93623a4f5b83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com_vertical.html?blockID=gdevkievezhithorosho_catalog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 15:22:06 GMT
x-content-type-options: nosniff
age: 62663
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125478
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 15:19:28 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 15:22:06 GMT

GET
H3-Q050 200 17640529563913250313
tpc.googlesyndication.com/simgad/ Frame 2AF0 131 KB
131 KB 12ms
12ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17640529563913250313?

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58b070692934a2f4935a742bda0a5f2a5c76a9a0b56f1b4fc9b4b3f0f948efc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com_vertical.html?blockID=gdevkievezhithorosho_catalog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 15:15:44 GMT
x-content-type-options: nosniff
age: 408645
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134481
x-xss-protection: 0
last-modified: Fri, 26 Feb 2021 15:07:51 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Feb 2022 15:15:44 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfABc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 2AF0 7 KB
7 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfABc4AMP6lbBP.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,700i,900,900i&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4512a0f507a7df3a354a3f552a4b34e2e642ce0e4902c002dfd1ce55e33abce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://orbit4.lun.ua
Referer: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,700i,900,900i&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 18:17:33 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:10 GMT
server: sffe
age: 138536
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6824
x-xss-protection: 0
expires: Tue, 01 Mar 2022 18:17:33 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmYUtfABc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 2AF0 7 KB
7 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmYUtfABc4AMP6lbBP.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,700i,900,900i&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ceff12ed93f07702593bbe61fd6c3b718304e3ccf8e9ebf9c6bd2844eabb493

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://orbit4.lun.ua
Referer: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,700i,900,900i&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 09:18:10 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:11 GMT
server: sffe
age: 516499
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6756
x-xss-protection: 0
expires: Fri, 25 Feb 2022 09:18:10 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 2AF0 11 KB
11 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,700i,900,900i&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://orbit4.lun.ua
Referer: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,700i,900,900i&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 09:18:12 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 516497
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Fri, 25 Feb 2022 09:18:12 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 2AF0 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,700i,900,900i&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b6863771c330f7b6a857dbfee3959d8e8c61c0e34f1e9ba5f6f38268d05573d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://orbit4.lun.ua
Referer: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,700i,900,900i&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:56:36 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:08 GMT
server: sffe
age: 503393
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11012
x-xss-protection: 0
expires: Fri, 25 Feb 2022 12:56:36 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2124 0
0 57ms
56ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstZyE5P88mJHXibdK4O-JDfzazt2Fh5x9GUVOQCjLRC0UBnplGWO6goQxy57MFfd7XLqT69LtUwwS2Q6jPrH5ar9DkDGtm4PG1tlRyOhuHNd8b4PHHNHU9px-u5GCe0HTJhL_K0QhyoW3lVhXg6g8wDYwngWhV7ftFeYGPah2xJP3-TsEQUpT00AfYkyCTWuQ-WADjbWQ1k0JftfePbFcq7sU5d3c1PpgTTIx8xZJORf5MpUHgqf8cElnrct2VqJklfRwzn77bU-lqjh9KcakaEvhA73n_gYR-PDbhN-pltQvKTcvFRd5qNlIdLxalXUTugxg0&sig=Cg0ArKJSzB2FdKk-wEGjEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2e74dbafde1ff62842abd3bfbbaca9c0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Mar 2021 08:46:29 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 03 Mar 2021 08:46:29 GMT

GET
H3-Q050 200 ekTeMRkTLAgqvKQxAlWoBzU2ULO22MBqypBxObrNBXw.js Show response
pagead2.googlesyndication.com/bg/ Frame 59E2 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ekTeMRkTLAgqvKQxAlWoBzU2ULO22MBqypBxObrNBXw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a44de3119132c082abca4310255a807353650b3b6d8c06aca907139bacd057c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 22:31:39 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Feb 2021 00:45:00 GMT
server: sffe
age: 123291
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5735
x-xss-protection: 0
expires: Tue, 01 Mar 2022 22:31:39 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 25A1 0
224 B 40ms
39ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021022501&jk=4446363004057502&bg=!zM-lz4zNAAXdrq8Z3TsAKQB2-Dxa9QT6Zlph2017_JE2xc9BxQphTlCn4bv3frkGpa98OHfhWT08AgAAAR9SAAAALGgBBwoAMJ2hVS-Yt-sTmyO-NJjChNqDE3DDHNKinCuPT4oj-CI2fec4Yp8Hkty-bswYFP2rNZkCFjqRXOk5SVuiaCCQLmKEMy62lbeqse6kxl4phb1ajJh1SiqviSxjaj3MJopm4TOiQt2w9fc__OHKbhHqJ_w3dxSY-jESuWzDThYbZTReNq2n9gnZa-EY5Aax6zX39iCbsZRQ2rWQKe4nz5RETPusOMbT4QxKGVgRzPENNuiBaJIw3eetVsXKXK5jdm1ingNmOYI5KMYz5jbVt-pxI9TygWaWgtjoG1j26kRrBn0PHQCTfE0uB-rOS-uclaQQgddg2z-N2JNR7TiLa5CJCHtzP5AuAIJOcnKa9ixJcDpBvOgBW8F8QsdcnFl4AiE1YsTS6s3M_q4mHefkqpLVRZqJ-99PolElNFh7c7Gg-DAS2W5YaVILtC1QtRGaqUn9uTbX5JGasFall7OBScPeYObSWq0twNVsIj9GLa1RpIfVbIaZeiPGKrsABIfjmQssr_mADIkZKvihNdr7kG08f7EfpQCyymrrfJtZDxlb26lhkC-4AlIxcFGVP5G_fMqjliBBhQicOf5GOFdL8zoah317EEKHcTcoycYLrqqUvSlhl4wvg8Z-AkFsRWlzFAtH5DSexSOZzQrTJW8eD7XNB7zjWU7GxDJfIugb_SBlCCRDh_rOZfkPN5RJG_LH3434IlO7-1tYGhIDAKHVDdSRUhcSsZCCa9zGYT-9QB9XfIIwY6EnngFwVhmwcIMIvugbcO8cIDlUsYtPQQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 08:46:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
23 B 43ms
42ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021022501&jk=2171916350422053&bg=!MjGlMXLNAAXdrq8Z3TsAKQB2-DxaT4Zqh1a_xiA9qXd-3TZDkPLMdZHSTHFQNxbcF3GHvPEsI0ONAgAAALhSAAAAJGgBBwoBBQApMeiZTTIdX8iT5UH04rQWxQFB2LUJNF2UZXZbaD0KtakFuxzz5EIRfhpOjWRt7Eatfm87GpPCpi9XR76wz7GVTssjC3oHnUgoEiMLZpvE1N46FyTRH_bYKfkR2_BXly6XO9kRmC6-hbJRnKFYAZGGtHjCuKdl1KVxCb8wPtkZ0Im-rbN7hvZNYI2PW7xLask55rvbHku4u5ZlDW7NhtW2uQJE7UkPjEha2GvSl9OFWaZc8DYr_LOmZFjXLURIkFaJLJm9-cXWOyyjH6njd76-np0Yr28t7MCSBEJpscrPNUvDh2Op_ab1BNYNCL-L0mbhpYx-u0KxHlFcHBx_pkTUmeB1OpkB0CnL94OrwnJWK9R6dubNPUbux8xLF1z0sJhHtuaDLhBOSudXOJ3rSDX_oKAh_7Q5378HyoEDyFE_OzxKIfKaN8PMocyysvukWWmyqt5lQQLDXB-w4tiUi9PPgCCGh408kLAw3oC05kjTpyUNJL0Tzc9zgTsnTOzM_PBbzOPxtwlYCeYLMV3WN1jOxXfFXsAMJNHBREANQkl22RRZy8vftBPdvaaBGCvQX3Gg9t-JGUKBibBD33nhUEk-pz4XBrsDGuJWElfmXDzb2dokU51lY5C8om6162fBFDaqWVVZzmFGsyY792nmYfa58r-rM5DMrWfPh0azxr1FQkbtVPfW7Q330nvwhXuXrRhqK_9iCngylDLlagpMVP-feshqAJUGCeznWDqCV927qgTX-ELz1cfEMJFORfFbAeiIp5xVkNROyce_YfW2EYQsPZNMLma9QvpzW6t_IC9ceYVHWijp1_p55oe1Xgv66yUmnU4yx3gejUpvdXvfFBUCDFRHAqN-nzx-5LXJv3q55bWm5Ha5HmGbO8c20YY7tARFwGYPaGkl-7Ef7pZJu4Om9iqXUuiKBo7kbVjpXlJRkIypbkEhrYOpWkiNBfFdKFX3H5FRDIQN

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gdevkievezhithorosho.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 08:46:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 82DC 42 B
155 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst01NQxplttY1fVRX-3gsYkPKZDouW5xjG8AiEx4J3aopaNvp6diX_sfBmVcc5eew7qm2HkVOb7fdzVIIV1SZs2N4-tryTxXacT-E1aFoo&sig=Cg0ArKJSzOgoYjt3FGtiEAE&id=osdim&mcvt=1001&p=228,1040,828,1340&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210301&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=76778870&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1614761189075&dlt=40&rpt=183&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adbab034a188dcbedd93518fbf5ba648.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 08:46:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2AF0 0
23 B 41ms
41ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021030101&jk=3056669988649253&bg=!6eql6qnNAAXdrq8Z3TsAKQB2-Dxao8hISYzgmCefUFkxD-jRWc2qMDpb4oaPLurxALok6MIu1EbjAgAAAMtSAAAADWgBBwoAgw-m-W9gkR7Z6RoEXL9tH8iiebDDnJ-2CjMVr0813A5I-os8ooWSpZy2lapmuh1L3p7E668S-ZlulnyjqKvZ4s_tIIvxRdoyaFK5Nvbv0lYSIut4enga31qkHwQHO70DMadlhM-GnG_7wv65DjWh2leLpsguSbIEhi9dCz5y159pU0TZmQI_CZng0TNOc4XggAL9D5kQ6gtbnBWAF325rG3tjQq2YMRgoRb-YpLuWD8zDX0bLa3DGTvlVHRTIDT38voGXu0e0s1LkyfDE5ncwk8fxYBXrebqXSVSVpIFm9cYpdWPHlNaFyWzeD9c2xpcL-Lx59Q2wnPJHin8sOtgvNmD4DaU-MJsDZIEKt9ran4qDSLUEmAPdeNGR7gQKrE2652Vhh0qKhXNdMmSJDsD4TPpYpUcClNr0z-ngOEoNqHcmZhZVGlew1k-LxTJoR46v9IKe32CHNFrI0I_0ksdfcRth2orQTrOjisFrBNpy1aljCvPJbJLdejl1vGTsit3NBB5iCU7RrWMXFqQqfeoUN2Cdb7U0qRd-gRVzyjD-4p2htmEKz2y9djdcBfb1igjCnAVn-fulz2BYmtcFqBG_P-2e7MEat2LciD2mS3uu2rxZ42A0dT2Esop-IvlZexBMatSkjb7Ts6TZYqqtnAJoiVvAf3QS0mvkaFgSkrkZr8C3O2Yr2D5ha33jGvxIdJDgZPFZuK3-tJxK2Nw9y0PfzvZSkJGS92WCquVFkYLv0sLKNTP1fSIDp_hrhaPamgM2N-to2cfjeM09VzkSmu94tREliNjDs_548NHcfCESkohunOv51e-s7hRuNBmzyAapmKpSBbw9CGBJ3TAJV4bLHNvJtPBG1ZwpCgSbCIJlIgZywMTp_m65rvNhETr44OUH59-nUDhjescwMRBOX_gLeSE0BhN1XbOf2QPYkFcBS4dkLgh5O4

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com_vertical.html?blockID=gdevkievezhithorosho_catalog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 08:46:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 error
connect.facebook.net//log/ Frame 25A1 0
0 34ms
33ms Image
text/html 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://connect.facebook.net//log/error?p=pixel&v=2.9.33&e=Error%3A%20cookie%20not%20stored%20properly&s=Error%3A%20cookie%20not%20stored%20properly%0A%20%20%20%20at%20C%20(https%3A%2F%2Fconnect.facebook.net%2Fsignals%2Fconfig%2F728614063843886%3Fv%3D2.9.33%26r%3Dstable%3A25%3A5431)%0A%20%20%20%20at%20E%20(https%3A%2F%2Fconnect.facebook.net%2Fsignals%2Fconfig%2F728614063843886%3Fv%3D2.9.33%26r%3Dstable%3A25%3A5786)%0A%20%20%20%20at%20H%20(https%3A%2F%2Fconnect.facebook.net%2Fsignals%2Fconfig%2F728614063843886%3Fv%3D2.9.33%26r%3Dstable%3A25%3A6228)%0A%20%20%20%20at%20Object.%3Canonymous%3E%20(https%3A%2F%2Fconnect.facebook.net%2Fsignals%2Fconfig%2F728614063843886%3Fv%3D2.9.33%26r%3Dstable%3A25%3A6905)%0A%20%20%20%20at%20https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A23%3A6282%0A%20%20%20%20at%20v%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A23%3A65139)%0A%20%20%20%20at%20a.value%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A23%3A6209)%0A%20%20%20%20at%20pa%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A26%3A9349)%0A%20%20%20%20at%20%24%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A26%3A9985)%0A%20%20%20%20at%20Function.Z%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A26%3A8768)&ue=0&rs=stable&rqm=FGET
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 /
www.facebook.com/tr/ Frame 25A1 44 B
147 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=728614063843886&ev=PageView&dl=https%3A%2F%2Forbit4.lun.ua%2Fhtml%2Fgdevkievezhithorosho.com.html%3Ftemp%3Daf276720%26random%3D1&rl=https%3A%2F%2Fgdevkievezhithorosho.com%2F&if=true&ts=1614761191034&cd[ad_segment]=2&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&it=1614761189047&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 03 Mar 2021 08:46:31 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 2AF0 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=728614063843886&ev=Microdata&dl=https%3A%2F%2Forbit4.lun.ua%2Fhtml%2Fgdevkievezhithorosho.com_vertical.html%3FblockID%3Dgdevkievezhithorosho_catalog&rl=https%3A%2F%2Fadbab034a188dcbedd93518fbf5ba648.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-37%2Fhtml%2Fcontainer.html&if=true&ts=1614761191399&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&it=1614761189465&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com_vertical.html?blockID=gdevkievezhithorosho_catalog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 03 Mar 2021 08:46:31 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 25A1 44 B
147 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=728614063843886&ev=Microdata&dl=https%3A%2F%2Forbit4.lun.ua%2Fhtml%2Fgdevkievezhithorosho.com.html%3Ftemp%3Daf276720%26random%3D1&rl=https%3A%2F%2Fgdevkievezhithorosho.com%2F&if=true&ts=1614761192537&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&it=1614761189047&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:46:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 03 Mar 2021 08:46:32 GMT

GET
H3-Q050 200 2694262142820548704
tpc.googlesyndication.com/simgad/ Frame 25A1 75 KB
75 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2694262142820548704?

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a76fa838a2c39a6d491032ad6ea99a933fdc855a6a415f6cb29a1a49a5278d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 16:44:31 GMT
x-content-type-options: nosniff
age: 144122
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76466
x-xss-protection: 0
last-modified: Mon, 01 Mar 2021 16:39:38 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Mar 2022 16:44:31 GMT

GET
H3-Q050 200 8111903740016475790
tpc.googlesyndication.com/simgad/ Frame 25A1 62 KB
62 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8111903740016475790?

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa175df2be500896f45d2d15c60b8c0f95fdf423ef2ae32f34997c0092c9c87a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 13:19:42 GMT
x-content-type-options: nosniff
age: 70011
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63083
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 13:16:41 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 13:19:42 GMT

GET
H3-Q050 200 18075958902747267357
tpc.googlesyndication.com/simgad/ Frame 25A1 93 KB
93 KB 13ms
12ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18075958902747267357?

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee7cd39d52d694d78d09743b3b26735d50217e269725118a2aef4820fe7ca716

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 13:21:05 GMT
x-content-type-options: nosniff
age: 69928
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94933
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 13:18:11 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 13:21:05 GMT

GET
H3-Q050 200 6491699499184162056
tpc.googlesyndication.com/simgad/ Frame 25A1 99 KB
99 KB 12ms
11ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6491699499184162056?

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddd38ba12cc0cc170ab55a859d41b1062bd9c373e1412bfe23419d9420b0dc81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://orbit4.lun.ua/html/gdevkievezhithorosho.com.html?temp=af276720&random=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 07:59:38 GMT
x-content-type-options: nosniff
age: 175615
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101055
x-xss-protection: 0
last-modified: Mon, 01 Mar 2021 07:53:55 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Mar 2022 07:59:38 GMT

GET
DATA 200
OK truncated
/ Frame 25A1 248 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0f1faac7c92048301850c22f74770a91df3320becda9221d9a60f605525f8d4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfABc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 25A1 7 KB
7 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfABc4AMP6lbBP.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,700i,900,900i&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4512a0f507a7df3a354a3f552a4b34e2e642ce0e4902c002dfd1ce55e33abce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://orbit4.lun.ua
Referer: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,700i,900,900i&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 18:17:33 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:10 GMT
server: sffe
age: 138540
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6824
x-xss-protection: 0
expires: Tue, 01 Mar 2022 18:17:33 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmYUtfABc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 25A1 7 KB
7 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmYUtfABc4AMP6lbBP.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,700i,900,900i&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ceff12ed93f07702593bbe61fd6c3b718304e3ccf8e9ebf9c6bd2844eabb493

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://orbit4.lun.ua
Referer: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,700i,900,900i&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 09:18:10 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:11 GMT
server: sffe
age: 516503
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6756
x-xss-protection: 0
expires: Fri, 25 Feb 2022 09:18:10 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 25A1 11 KB
11 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,700i,900,900i&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b6863771c330f7b6a857dbfee3959d8e8c61c0e34f1e9ba5f6f38268d05573d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://orbit4.lun.ua
Referer: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,700i,900,900i&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 12:56:36 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:08 GMT
server: sffe
age: 503397
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11012
x-xss-protection: 0
expires: Fri, 25 Feb 2022 12:56:36 GMT

Verdicts & Comments Add Verdict or Comment

138 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gdevkievezhithorosho.com/	1970-01-20 01:18:17	Name: _mailmunch_visitor_id Value: 78bdd9c0-e875-46f9-be2a-9f42737d16f9
.gdevkievezhithorosho.com/	1970-01-20 01:54:17	Name: __gads Value: ID=5bca2448a6868a71:T=1614761189:S=ALNI_Mbs8vb3EEGQ4CcYKzzQJIAPiMgnSg
gdevkievezhithorosho.com/	1970-01-20 01:18:17	Name: mailmunch_second_pageview Value: true
.gdevkievezhithorosho.com/	1970-01-19 16:34:07	Name: _gid Value: GA1.2.2063652189.1614761189
.gdevkievezhithorosho.com/	1970-01-20 10:03:53	Name: _ga Value: GA1.2.146012872.1614761189
.gdevkievezhithorosho.com/	1970-01-23 08:08:41	Name: amplitude_id_a9880bc9a7f556e1b59433679440149bgdevkievezhithorosho.com Value: eyJkZXZpY2VJZCI6IjVlNWNlNWI4LWM2N2EtNGM2OC1hNGZhLTEwOTY4ZWE5Yjk3YlIiLCJ1c2VySWQiOm51bGwsIm9wdE91dCI6ZmFsc2UsInNlc3Npb25JZCI6MTYxNDc2MTE4ODg0NywibGFzdEV2ZW50VGltZSI6MTYxNDc2MTE4ODg0NywiZXZlbnRJZCI6MCwiaWRlbnRpZnlJZCI6MCwic2VxdWVuY2VOdW1iZXIiOjB9
.gdevkievezhithorosho.com/	1970-01-19 16:32:41	Name: _gat_gtag_UA_6260742_9 Value: 1
.gdevkievezhithorosho.com/	1970-01-19 17:15:53	Name: __cfduid Value: d6e03c8256e1cc2644cfca11eb2a34c271614761188

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://gdevkievezhithorosho.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2e74dbafde1ff62842abd3bfbbaca9c0.safeframe.googlesyndication.com
a.mailmunch.co
adbab034a188dcbedd93518fbf5ba648.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
adservice.google.nl
ajax.googleapis.com
analytics.mailmunch.co
cdn.amplitude.com
cdnjs.cloudflare.com
connect.facebook.net
ee2ec17675f0b62c3ac6aecb18f44f90.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
forms.mailmunch.co
gdevkievezhithorosho.com
googleads.g.doubleclick.net
orbit.lun.ua
orbit4.lun.ua
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
static.addtoany.com
stats.g.doubleclick.net
storage.googleapis.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
13.224.194.151
142.250.186.130
142.250.186.162
2600:9000:2156:6400:4:c961:9640:93a1
2606:4700:10::6816:47c5
2606:4700:3031::ac43:ae7f
2606:4700::6810:135e
2a00:1450:4001:800::200a
2a00:1450:4001:801::2002
2a00:1450:4001:802::2001
2a00:1450:4001:802::200a
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2010
2a00:1450:4001:810::2003
2a00:1450:4001:812::2002
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:400c:c1b::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.216.182.123
35.244.154.20
52.45.2.52
0030a9927b6f2471090a113ed4d3f0d76daa45244a182394ef0dd4e2d8c73b4c
03b91cc6b7b75f6aa9e1015ded5196298213496512857cbba8ac41a23ae06c13
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0b462a1bf5bdfe4b88349d9fb47958184ea31f630461b00dcafbfbc48a203a6c
0c8c8d61d0a7f77f59b95383464a57908e0284938736be75c0e6c02fbeff5b17
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
111cea4209818a9350fc28c5ecf46ef9c0b3f3044cc7e0f8c3d197a725d3cca7
11cb6f57e40ba6b25c3610aed3bb4035a3f2af6ec2bdf0cffdfde88b2d70e76d
149ffe7f6fbbec63956909e28082ee74bc799079f4701eea0d459662f02d8442
155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de
1607e1814e3fc243984d2bafaf24e87c8e082299a7253baad6e8b6c1ee986fae
1b257dc12266c8455c5187bc9234d5ea37d0ef84f6d7027434e48f39108139cf
1b6863771c330f7b6a857dbfee3959d8e8c61c0e34f1e9ba5f6f38268d05573d
1c79d2eaf7200d5fbcb0efe0e65caefac6f7c43962a97c626f8a180834fd04d6
1ceff12ed93f07702593bbe61fd6c3b718304e3ccf8e9ebf9c6bd2844eabb493
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
27bf62107a104ddcbcac2550e38c8fe95530427cabad47befa5c5103f5d1c9d0
287fd3499fe2d3ccebe83713294e58992e3b9aee6ef69ee76500a0bb58c401c8
2b4f4833fe7b2e395e83ce26a8638d722c40006a3060ba0e3bd1b72f8318eb45
2dc1c85eb3766b923eb1898f16d2f09541f2f94523929e58154ce17b0d71bded
310b9376346ac475b5e9e87c808fc4e4e51b8f37fc1d8d4fc9ec0491e531ba97
31ccdcebe592f1806d31ac17a6d08bf77439ab0a07550ad97d47135f50bce13e
35a2ca4e91b06fa2df97cb942afc11d6f9f5441ecb31bc4a1c4759a1fbee6bf3
3c0703e38a9a060859fd825ef1bb974f6313d0380e2eb39e475cd6b487520a9b
3cac5766b62e3fca8117a35db8c11deac3717940420940a15149ece5cab3ddc1
406f09bf0ace9f285e6f3de068595ec0288e9b937cbdbfd0f8eeb404e7e48f3d
4378ab2698bc95c0378bc11bcf5daf6249b4db5001bc46130e64dda1a8625be0
437e6e23bb4219f1dd245da75b1729666e71fbf31985189fa35be75702b8cab9
4512a0f507a7df3a354a3f552a4b34e2e642ce0e4902c002dfd1ce55e33abce4
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e
468674a37da8e2edd18a04812d8ece47786a708341910a1ff221897b8c6b580a
48c978eaee9473c367fd30eea148b6cd5233e58a317a36157c24e5dd2af62a97
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4a01b27634f8ff7ccccd678a7dbd637d055aaf3c41c59d531ce5acb1eeb13bf1
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
4d9d3cc6e13c459089408a3db80fc680820af8606664bcfb056ca430a9c287c1
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
51638734fccdc1d6358090d04ffc85869fd4d54a402bd01da0d45e3a391e4025
5388b284057ccfdc4990a039dd009d3e46853058d005bab637f139c459780eb2
53f345cdc93f0bd09eeba83df9ed103370ac1ff2679bf9004cf336725fecd4a9
54234dbc5f94f0c00e43abfab5b835783474b7259ab5ba5ba4024e0ef212e181
549bd196fab5c9e13264f1b88b59da095296313a964da2c80d4dfa958668f361
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
561651fed5aedbe6bced9c19a87f2d327ef38d317d2080dc789affa3d9141f87
57a96eb1ccacae26e452d6e147fb29ca8ca20ce183970a3a4fb5febf8662fcc7
58b070692934a2f4935a742bda0a5f2a5c76a9a0b56f1b4fc9b4b3f0f948efc3
58f2ad06039b9c8f1d904e32e598e7cf52d2c9c487be46fc74e28c69722c66d3
5a985a689204e8bdcc382099c0f6550ec8b4ee257b365fe07851f7fb8f350b5e
5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f
5c8d4995b0c7913713093d6db12e8e562ced412258cf23de5508fb67e390e001
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5f07d43571a20235b2506061c9729d91179d32b8b3c75123aa8fcd45e60d7541
614426109acf753ce4f5ca75fc25aaf515bad4f6c0b4d3ecdefa1b8c4030d354
65dd55d388f1ba7e3faa01ccbd042e858cd06efd86f8d4fdd480e38ff99244ce
6699a50c92575f0c5b14b6052ce03ff715f11b07ace5ab8b83a1efcc113c0bf4
67ad9609b889acaa8d163adfa2c2c3494fcdd6fe67a5ab2d6bb8dc55434523cc
67f8e668fe74df826eca1f04f20bca631be9b6ed4a1ed03c8971025c544e589c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6f1d1f32e431b304850ab88cd216572675f6921da6c323fbdecaf23d124737d1
74b4573dc11fa61e16821b2b2b56fcd0c180e1bf018343b67f430011529232db
77e93e7cdb0a5e67a37890f2d6741c96c0b0186806b44fe02d39d95dd8b36604
793dc4cce41769672279c2e51e623eeb5f409b55f11ebd2e052067e3784017f1
7a44de3119132c082abca4310255a807353650b3b6d8c06aca907139bacd057c
7adb10a353296401e7d806e4bbdebd1559ee9cfe44a9daeb9d6a5bc6e2685a00
7e80a9d5ebe93a11e4f89561675016b3e9adfe8d583a62611161bb8cc5f590b6
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984
8a76fa838a2c39a6d491032ad6ea99a933fdc855a6a415f6cb29a1a49a5278d0
961c81effa0bb489d5895d58941f8405208c55045a1329599cba16bb5a90958c
979d1f4b19d6148f177abec8cca01dadd695fb116969ed4fcc91ac4b4df02e4d
99e0877262fea5554aec4a8898b0828c49d9dd85e1107a7ae99db6770238ef09
9bbd49454237351594bd41e1a6194677be17eccc8ebce4eb60045e7d51ebcabc
9c88bbf6795ced59fe226716a4b1221bdb548e874e2600e5eba42c35aac8e7fb
9cde9f5ea84d2d3ecdde56b43acc5aeaa570046aca585a09eaa2639a798ab7f0
9d0b5b083920fe516abf9c495fc2ae8352fe9fb0d97e7d10be59731ce7fa3c1d
9e6e797a41dfe372f1abc33939eef549eebcee45c9b66abbbe77068c68f9a98c
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a017bfd8b7ff27e2fa869cb6beeacfd550ab2fa4955429bc460aeae8ddbf91e8
a2526c88d4830163043333bface2b3f7e20b7747a465118eb50961dca624d97a
a390ce0831821ade77bd6f4f8136265459842c4411486886006a1efc5f2d9628
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082
a94558535ca72995a47883885d6fdfdee113dcbb8e937e88196f25cb181c72b2
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
af2e759256585da75d7057a240276d5489c9d5211b87a3be2ccad51234d91448
af5f2a19d6f247fd13ad4d1a3b0fbd92f8e025d2a029d38c83bcd6a577bd88a3
afa0075a2f03d88da557f2fa9da3f4f98ad48e2cc21fdb7a5807a7c30dee27e4
b3dec2f1d8df7bd3d188f7be3ee33d5b9865586e3cf7200d73757454ca882e39
c073001054af588afa4a95c0678e4f8f09c920842f4546fecc88a40d5d5717e5
c0c394da8d74dbd52fb6b05fe19e4c01b583af5dda0cafdb2df0788e0c402dba
c183713781265a2abdc03eab5050b102a17a1170eaa908604e61fc9f07c9aad4
c2ce0c5fd6109ab746f6cfd9650afa8f43c7845e25a9fe441ab23761b5489af0
c68d781eeb01bd19249e5301c2e13974cf71f00e32efe05c043b14142c0d2a00
c7fd14cfc3eea4db92b7f3ecd24b1797f873a4b2079b69a0e98800f1f60393b7
cc139bb571ba15adcd2e6f37859679ce715e5de67720f0724595e5b8a6dfe9b5
ccc34cb6c032c3469fa54ee8bde858017289afa3bc637ddae2cd6eea5a0ff211
cdf566c3eb722b3ba4ab3ba6caa4469cf49f55938e13fb835c3f496974cac4f5
d11f8cd3471098dcde8753cf1daa6fa8f3535ede5d1a272f790d4f2b584ccb70
d138775cce6af92fc39f461deace3f4acc1a6dbfc92fecd2614f7fcd84cd5c9f
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5
d325c0f0224c5715012d6ec9f9272eae60b4636662496b65e7ca4e1490c2f90b
d577d10624e93e15c15f3c8244f28ca423a3161307f43b8d2f84efe5ad5b1eda
d686e3d9180b90565957bbffd8839eccd18134f42362e775901e1adba762d899
d698abda50c923b8491cb24b3af6de33b5a65e182bcfbbfda4037b9bdd7d4700
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
daf6c28c5a080458eba26ba64a95b1fcff823944d429ccb84e8a4f3a0baf05ca
db71201ee95275344ef1425061018f1d05a6501a505c3f6788d30d79dfe05c0b
ddd38ba12cc0cc170ab55a859d41b1062bd9c373e1412bfe23419d9420b0dc81
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de98a2689c82724e7b0c3e981fe54d8a80aa030149a235f9379e9c75c767a87e
e09aee078845f52f360c8e6593042d232fc58ea6ffa61a38b0bfd36f996dee63
e0de138c5c18bdf06f86d3f0f86784fb5cf679f47fe04a1912d28e8605908115
e1bc1e0d2ce61d2d27e0f0d93be5857b709f8a1eceb9d28d943c2891b5402009
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
e9e65da0dc2ba258683637a95a31ec96b8aa23e45195b867b15c93623a4f5b83
ee1978a8b3e66e8693a1543db8e8aff44246579c4d72ca104a01e2973ebbe0a6
ee7cd39d52d694d78d09743b3b26735d50217e269725118a2aef4820fe7ca716
eeae6d5aa43cd6257cbf78e01bd30a260d86093be1f8c55008d458851cabc360
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f032294207e8ba683f350cf12b26bf73d054b427ce483a06afb66317f235194f
f0f1faac7c92048301850c22f74770a91df3320becda9221d9a60f605525f8d4
f2807363e414bd864292a9555556ce345e6046bb2c9eb090586c96848dc200a5
f368e85b820970c69c0eb8426a3810f252ded0214063066154355089dc5546fd
f6f3a313b6bbf670e3c0b259e193c8229a181560f07ed7f578534f8a49ffb34a
fa175df2be500896f45d2d15c60b8c0f95fdf423ef2ae32f34997c0092c9c87a
fb8dc082a8843a6d6d21eb2e6dbb58851eefef94f5e4c8eab6fecb7283e90eb3
fb9051852304c116a21a3c822cec4e53fee6710c605c3c3c7e77859189ad1a85
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e
fff4b217c0b525033b805d84863ae150342b884a6de821bd2d05e70dffa20139

gdevkievezhithorosho.com Open in urlscan Pro 2606:4700:3031::ac43:ae7f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

214 Requests

100 %HTTPS

79 %IPv6

19 Domains

32 Subdomains

29 IPs

3 Countries

6658 kBTransfer

10772 kBSize

8 Cookies

3 Outgoing links

Redirected requests

214 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gdevkievezhithorosho.com Open in urlscan Pro
2606:4700:3031::ac43:ae7f Public Scan

Screenshot
Live screenshot

Full Image

214
Requests

100 %
HTTPS

79 %
IPv6

19
Domains

32
Subdomains

29
IPs

3
Countries

6658 kB
Transfer

10772 kB
Size

8
Cookies

214 HTTP transactions
5 data transactions