www.oferlo.com.ua Open in urlscan Pro
5.182.38.129 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://oferlo.com.ua/
Effective URL:
https://www.oferlo.com.ua/
Submission: On November 04 via api (November 4th 2022, 7:22:32 am UTC) from GB — Scanned from GB

Summary HTTP 176 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 35 IPs in 8 countries across 26 domains to perform 176 HTTP transactions. The main IP is 5.182.38.129, located in Budapest, Hungary and belongs to SERVERASTRA-AS, HU. The main domain is www.oferlo.com.ua.
TLS certificate: Issued by R3 on September 22nd 2022. Valid for: 3 months.

This is the only time www.oferlo.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 23	5.182.38.129 5.182.38.129	56322 (SERVERAST...) (SERVERASTRA-AS)
29	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
35	2606:4700:20:... 2606:4700:20::681a:264	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	52.28.143.91 52.28.143.91	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3 15	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
5	95.101.54.200 95.101.54.200	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2620:116:800d... 2620:116:800d:21:93ca:31d8:d86e:38f6	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	104.76.200.221 104.76.200.221	16625 (AKAMAI-AS) (AKAMAI-AS)
2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
3 3	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.73.221.153 3.73.221.153	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400f:805::2003	15169 (GOOGLE) (GOOGLE)
1	74.125.140.155 74.125.140.155	15169 (GOOGLE) (GOOGLE)
1	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8100:3d7c:b3e5:1d0f:44c5	16509 (AMAZON-02) (AMAZON-02)
1	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:401... 2a00:1450:4016::7	15169 (GOOGLE) (GOOGLE)
176	35

23 5.182.38.129 (Budapest, Hungary) 2 redirects

ASN56322 (SERVERASTRA-AS, HU)
PTR: pop-europe-middle.hyperia.sk

oferlo.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.oferlo.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2606:4700:20::681a:264 (United States)

ASN13335 (CLOUDFLARENET, US)

eu001.leafletscdns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.28.143.91 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-143-91.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.185.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.250 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.101.54.200 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-54-200.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:93ca:31d8:d86e:38f6 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.76.200.221 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-200-221.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.115 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.19.126 (Shahr, Iran, Islamic Republic Of) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.73.221.153 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-221-153.eu-central-1.compute.amazonaws.com

lm.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400f:805::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.140.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wq-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8100:3d7c:b3e5:1d0f:44c5 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4016::7 (Ireland)

ASN15169 (GOOGLE, US)

r2---sn-h0jeln7e.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 tpc.googlesyndication.com — Cisco Umbrella Rank: 167	405 KB
35	leafletscdns.com eu001.leafletscdns.com — Cisco Umbrella Rank: 544155	92 KB
27	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 stats.g.doubleclick.net — Cisco Umbrella Rank: 166 cm.g.doubleclick.net — Cisco Umbrella Rank: 320 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 264 bid.g.doubleclick.net — Cisco Umbrella Rank: 698 ad.doubleclick.net — Cisco Umbrella Rank: 208	150 KB
23	oferlo.com.ua 2 redirects oferlo.com.ua www.oferlo.com.ua	203 KB
10	serving-sys.com bs.serving-sys.com — Cisco Umbrella Rank: 1479 secure-ds.serving-sys.com — Cisco Umbrella Rank: 2535 lm.serving-sys.com — Cisco Umbrella Rank: 2639	211 KB
9	gstatic.com fonts.gstatic.com csi.gstatic.com	41 KB
8	google.com accounts.google.com — Cisco Umbrella Rank: 126 adservice.google.com — Cisco Umbrella Rank: 134 www.google.com — Cisco Umbrella Rank: 17	78 KB
7	casalemedia.com 5 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 819 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 666	6 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118 imasdk.googleapis.com — Cisco Umbrella Rank: 468	130 KB
4	google.de adservice.google.de — Cisco Umbrella Rank: 5594 www.google.de — Cisco Umbrella Rank: 3590	1 KB
3	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1105 r2---sn-h0jeln7e.c.2mdn.net — Cisco Umbrella Rank: 785211	2 MB
3	pubmatic.com 3 redirects image6.pubmatic.com — Cisco Umbrella Rank: 922	2 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 313	3 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 483	965 B
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 2255	414 B
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 2645	1 KB
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 899	569 B
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 989	829 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	202 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	112 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 97	20 KB
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 2229	296 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1394	356 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	47 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1047	694 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 121	63 KB
176	26

	Domain	Requested by
35	eu001.leafletscdns.com	www.oferlo.com.ua
29	pagead2.googlesyndication.com	www.oferlo.com.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
21	www.oferlo.com.ua	www.oferlo.com.ua
15	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net www.oferlo.com.ua
12	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com imasdk.googleapis.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.googletagmanager.com googleads.g.doubleclick.net
5	csi.gstatic.com	securepubads.g.doubleclick.net imasdk.googleapis.com pagead2.googlesyndication.com
5	secure-ds.serving-sys.com	bs.serving-sys.com secure-ds.serving-sys.com googleads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	www.google.com	www.oferlo.com.ua googleads.g.doubleclick.net tpc.googlesyndication.com
4	fonts.gstatic.com	fonts.googleapis.com
3	image6.pubmatic.com	3 redirects
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	bs.serving-sys.com	googleads.g.doubleclick.net secure-ds.serving-sys.com
3	fonts.googleapis.com	www.oferlo.com.ua googleads.g.doubleclick.net
2	r2---sn-h0jeln7e.c.2mdn.net
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	securepubads.g.doubleclick.net	googleads.g.doubleclick.net
2	lm.serving-sys.com	secure-ds.serving-sys.com
2	ssum-sec.casalemedia.com	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	rtb.openx.net	googleads.g.doubleclick.net
2	e.dlx.addthis.com	2 redirects
2	id.rlcdn.com	2 redirects
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	www.facebook.com	www.oferlo.com.ua
2	www.google.de	www.oferlo.com.ua
2	connect.facebook.net	www.oferlo.com.ua connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	oferlo.com.ua	2 redirects
1	gcdn.2mdn.net	1 redirects
1	ad.doubleclick.net	imasdk.googleapis.com
1	ag.innovid.com	googleads.g.doubleclick.net
1	odr.mookie1.com	googleads.g.doubleclick.net
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	www.oferlo.com.ua
1	accounts.google.com	www.oferlo.com.ua
176	42

This site contains links to these domains. Also see Links.

Domain
d34seexzbffcio.cloudfront.net
www.oferlo.ae
www.broshurko.bg
www.fylladiomat.gr
www.letkomat.hr
www.oferlo.id
www.oferlo.in
www.saishinchirashi.jp
www.oferlo.kr
www.catalomat.ro
www.letakonosa.si
www.kataloglar.com.tr

Subject Issuer	Validity	Valid
oferlo.com.ua R3	`2022-09-22` - `2022-12-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-09-03` - `2023-09-03`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-13` - `2022-11-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
bs.serving-sys.com Amazon	`2022-04-10` - `2023-05-09`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
secure-ds.serving-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-05` - `2023-03-08`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
lm.serving-sys.com Amazon	`2022-02-15` - `2023-03-16`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-10-25` - `2023-01-03`	2 months	crt.sh

This page contains 13 frames:

Primary Page: https://www.oferlo.com.ua/
Frame ID: 0E1F19717BB9B6FBC0DB7F0F4831B447
Requests: 100 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20190131/zrt_lookup.html
Frame ID: C787EA802B8354CED3E1291303BB0B72
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&adk=1812271804&adf=3025194257&lmt=1667546546&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667546546517&bpp=3&bdt=328&idt=284&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8521646978737&rume=1&frm=20&pv=2&ga_vid=285871355.1667546547&ga_sid=1667546547&ga_hid=1437577823&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070696%2C44775017%2C21066433%2C31061691%2C31061692&oid=2&pvsid=3389413474069721&tmod=928762567&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=301
Frame ID: 63A0508987695140448EE59101CBF962
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=6019623105&adk=760889125&adf=1610234907&pi=t.ma~as.6019623105&w=300&fwrn=4&fwrnh=100&lmt=1667546546&rafmt=12&format=300x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rh=600&rw=300&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667546546589&bpp=6&bdt=400&idt=247&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8521646978737&rume=1&frm=20&pv=1&ga_vid=285871355.1667546547&ga_sid=1667546547&ga_hid=1437577823&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070696%2C44775017%2C21066433%2C31061691%2C31061692&oid=2&pvsid=3389413474069721&tmod=928762567&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9Mt2Oq1bMv&p=https%3A//www.oferlo.com.ua&dtd=252
Frame ID: 4B5149F8771D80159D47D675DCE1D856
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3Y4tMCEIis7NsCGNSQ_dEBMAE&v=APEucNWxsi-vKdNw8wqTEJqZLYf-coHGg7LrK9fxvSNiklvSMm0-zR0gnWRuTMkjHyzF3Ic8Q6Jju84trIor_gtmIXev6QCT8Vu901erCV_DUwWUZRpL61ore3VifKEK1Q4LA7cZBCqEmLTOGOyIwIeppgLt8upq4qsrnt0ZPX7XPkIPlG3FgSo
Frame ID: 1A271225C5EEAABFA337CC7E644CF10F
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F66E6564C427443F071275B4D4BB5BD8
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 78423757190986974062998341761AE5
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1
Frame ID: DA64C695E86CFA7C2E16EEAA141906AE
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/abg_lite_fy2021.js
Frame ID: 201A07915C8FB34DD90B72A03612DDF6
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D2B063A473D13A3F6F221C59C27361E0
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8CA8EFA64688BAAFA0B89712B57F1531
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BCD2FCB5E15DC6282D55971DD25107E0
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 2A12F2DC79A9335880563AB6BAF111AC
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Останні акції, каталоги та знижки | OFERLO

Page URL History Show full URLs

http://oferlo.com.ua/ HTTP 301
https://oferlo.com.ua/ HTTP 301
https://www.oferlo.com.ua/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

<meta[^>]*google-signin-client_id
<meta[^>]*google-signin-scope
accounts\.google\.com/gsi/client

Yii (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

/yii\.(?:validation|activeForm)\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

serving-sys\.com/

Twitter typeahead.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:typeahead|bloodhound)\.(?:jquery|bundle)?(?:\.min)?\.js

Page Statistics

176
Requests

92 %
HTTPS

60 %
IPv6

26
Domains

42
Subdomains

35
IPs

8
Countries

3735 kB
Transfer

6097 kB
Size

37
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://d34seexzbffcio.cloudfront.net/a94464aff8a69ba3b7b48aee44397d866191662a65485.pdf
Title: умовами використання

Search URL Search Domain Scan URL

URL: https://d34seexzbffcio.cloudfront.net/e6f686054460106d095f70d30bb88552617a4484914ea.pdf
Title: обробкою персональних даних

Search URL Search Domain Scan URL

URL: https://www.oferlo.ae/
Title: United Arab Emirates

Search URL Search Domain Scan URL

URL: https://www.broshurko.bg/
Title: България

Search URL Search Domain Scan URL

URL: https://www.fylladiomat.gr/
Title: Ελλάδα

Search URL Search Domain Scan URL

URL: https://www.letkomat.hr/
Title: Hrvatska

Search URL Search Domain Scan URL

URL: https://www.oferlo.id/
Title: Indonesia

Search URL Search Domain Scan URL

URL: https://www.oferlo.in/
Title: India

Search URL Search Domain Scan URL

URL: https://www.saishinchirashi.jp/
Title: 日本

Search URL Search Domain Scan URL

URL: https://www.oferlo.kr/
Title: 한국

Search URL Search Domain Scan URL

URL: https://www.catalomat.ro/
Title: România

Search URL Search Domain Scan URL

URL: https://www.letakonosa.si/
Title: Slovenija

Search URL Search Domain Scan URL

URL: https://www.kataloglar.com.tr/
Title: Türkiye

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://oferlo.com.ua/ HTTP 301
https://oferlo.com.ua/ HTTP 301
https://www.oferlo.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 99

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAs2rmEKvQOhew1yORdYGu0&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAs2rmEKvQOhew1yORdYGu0&google_cver=1&C=1

Request Chain 100

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y2S9tB80jk0QzFvsN.l4CgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAs2rmEKvQOhew1yORdYGu0&google_cver=1&google_hm=2

Request Chain 101

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPYT_9lA1Zu2RuwyYvd3yEE&google_cver=1

Request Chain 102

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU2MzA5MDY2ODM5MzcyOTI2NA%3D%3D

Request Chain 110

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg8qpGwtrrde1b1KbD7KRGPnLGnC4qDTbGDj6bJk6NEJflZ0E5YwVnvzTlzZsIHJWwu6HhXErr8adFyml59w7tdMa5tl1Ok&google_gid=CAESEBy1q07QB4paFI-19JPtPCA&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCLT7kpsGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BWm1QeGc4cXBHd3RycmRlMWIxS2JEN0tSR1BuTEduQzRxRFRiR0RqNmJKazZORUpmbFowRTVZd1ZudnpUbHpac0lISld3dTZIaFhFcnI4YWRGeW1sNTl3N3RkTWE1dGwxT2s HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwejkzeFRkLVpvVmhza2Z3b3JsX1Vmbjh2ZUlNd0xVWi1RNFpxdksyU1ROVQ==&google_push

Request Chain 111

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg8kMFjR2kjODL1jA6k6rZdZY90ckJ3PeA2ONxRQ055__04UQTNrnOMF6Fbkh48LYXvy6gcKR5UmpuDHfEJM1GE3EsV10UI&google_gid=CAESEEPemVPcPqjgbBJyCegydjA&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg8kMFjR2kjODL1jA6k6rZdZY90ckJ3PeA2ONxRQ055__04UQTNrnOMF6Fbkh48LYXvy6gcKR5UmpuDHfEJM1GE3EsV10UI&google_gid=CAESEEPemVPcPqjgbBJyCegydjA&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMDQwNzIyMjkwMDAxMzU3NDc1NDA2OA%3D%3D&google_push=AZmPxg8kMFjR2kjODL1jA6k6rZdZY90ckJ3PeA2ONxRQ055__04UQTNrnOMF6Fbkh48LYXvy6gcKR5UmpuDHfEJM1GE3EsV10UI

Request Chain 113

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDR-S9HOPpHLDpFEyhTkaNI&google_cver=1&google_push=AZmPxg-f2fXDOiLqFAIaIqFHbPHPpXp4_wrz8UF5UcMyipaKudsGZToQgxzhKjlR7BHOyNvER8BUDL5Houxgl7XQa3hH9V6kGw HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDR-S9HOPpHLDpFEyhTkaNI&google_cver=1&google_push=AZmPxg-f2fXDOiLqFAIaIqFHbPHPpXp4_wrz8UF5UcMyipaKudsGZToQgxzhKjlR7BHOyNvER8BUDL5Houxgl7XQa3hH9V6kGw&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Qxn6Eh52Q_-s728anBpd-g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg-f2fXDOiLqFAIaIqFHbPHPpXp4_wrz8UF5UcMyipaKudsGZToQgxzhKjlR7BHOyNvER8BUDL5Houxgl7XQa3hH9V6kGw

Request Chain 114

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBLnlPzzjZyhnYcRdJSf-og&google_cver=1&google_push=AZmPxg8oR_JSOrH_q-ZAPg90YSXJKrX68s1-ZpN0qKy9AmAtSrTl4xlVqsIJyZwjNE-5T5d2OlxZxijpQiHAfZkYslv3Sb4afos HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEyNjVSWkEtMVctQlIyVw==&google_push=AZmPxg8oR_JSOrH_q-ZAPg90YSXJKrX68s1-ZpN0qKy9AmAtSrTl4xlVqsIJyZwjNE-5T5d2OlxZxijpQiHAfZkYslv3Sb4afos

Request Chain 115

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKA6POVixnpEKHq7081wh-k&google_cver=1&google_push=AZmPxg8pmwvubzjg3vY5c_N39E_rM43fMDxAGK5Pnryd0l63lhyj3iW8PlVvBBxWY5yTspgPNjZ2qsNAMauOw_S4PfXYsA81UA HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKA6POVixnpEKHq7081wh-k&google_hm=Y2S9tB80jk0QzFvsN-l4CgAADRQAAAAB&google_nid=index&google_push=AZmPxg8pmwvubzjg3vY5c_N39E_rM43fMDxAGK5Pnryd0l63lhyj3iW8PlVvBBxWY5yTspgPNjZ2qsNAMauOw_S4PfXYsA81UA

Request Chain 149

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBwKVPdN8mEyClFxExgWHbw&google_cver=1&google_push=AZmPxg_N3y5v8w4-vWayB99IKR_2Sql2tvhrwlj6kAh4QhJvX_q5hJuUFUypF_1hEbYIgkYuE97gJN_vD4S2FEG_6raC_jiX7NG4jf9oFkU8e39N-DwDEkHvBATeB_upkcEWZfABP44Urp0 HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg_N3y5v8w4-vWayB99IKR_2Sql2tvhrwlj6kAh4QhJvX_q5hJuUFUypF_1hEbYIgkYuE97gJN_vD4S2FEG_6raC_jiX7NG4jf9oFkU8e39N-DwDEkHvBATeB_upkcEWZfABP44Urp0&google_hm=_N9VUfT1J-FiLpx79JldDg

Request Chain 152

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEP9tjUblbBM0Tlo8zwK6fHE&google_cver=1&google_push=AZmPxg9xIqfsPpLm-uFcOfY2Lv-l2JSuJhF9bdXKVDBCjZZ9ZTkSn6ynmU0AxZb8KNnlZXaLPTVXU4WbxJBiqOPFSlnMDZbOmKabBWdKMOSYxI9r9K1tzFyk5CW0pXP7DVupwAnSLPDHqIv9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Qxn6Eh52Q_-s728anBpd-g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg9xIqfsPpLm-uFcOfY2Lv-l2JSuJhF9bdXKVDBCjZZ9ZTkSn6ynmU0AxZb8KNnlZXaLPTVXU4WbxJBiqOPFSlnMDZbOmKabBWdKMOSYxI9r9K1tzFyk5CW0pXP7DVupwAnSLPDHqIv9

Request Chain 153

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPRZVsA217lDcw6ua--4ZJA&google_cver=1&google_push=AZmPxg-h1oMFnIUfKStGWV4mkSsqwUzORy3LiqJtJWtsR-sNsiGshfcUCb8nz7x7NrIl6sX2rxwEWqB56opjb7kuwOOf34RECTCfhdh9p-nvEvFV6gKDt3jARQbI31A67h99rCJfGMXgBJ5S HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEyNjVTTVgtMVotRzZHQg==&google_push=AZmPxg-h1oMFnIUfKStGWV4mkSsqwUzORy3LiqJtJWtsR-sNsiGshfcUCb8nz7x7NrIl6sX2rxwEWqB56opjb7kuwOOf34RECTCfhdh9p-nvEvFV6gKDt3jARQbI31A67h99rCJfGMXgBJ5S

Request Chain 154

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKUqs-CBXQP1MO8j56XvCS0&google_cver=1&google_push=AZmPxg_aJ3EVCFXBnNWnIH7AdDsqzv_MHAJtsV4d4APH7DvT7wCYHhBIi1iSkLQ4FVTnP2NDEaH16l_teCK0AYOiMRT2KmFPTAkuHaWyvPScfm8RO2W106EsitZXKPc4zarTdtteKaul4Uz1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKUqs-CBXQP1MO8j56XvCS0&google_hm=Y2S9tB80jk0QzFvsN-l4CwAADRQAAAIB&google_nid=index&google_push=AZmPxg_aJ3EVCFXBnNWnIH7AdDsqzv_MHAJtsV4d4APH7DvT7wCYHhBIi1iSkLQ4FVTnP2NDEaH16l_teCK0AYOiMRT2KmFPTAkuHaWyvPScfm8RO2W106EsitZXKPc4zarTdtteKaul4Uz1

Request Chain 168

https://gcdn.2mdn.net/videoplayback/id/07118e0a83413089/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3810812099/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/956EFF5C95693C379BB68870412B027DCDA55C88.DAE4320A1FB05C39A6077BD1E428B4197AC0A42/key/ck2/file/file.mp4 HTTP 302
https://r2---sn-h0jeln7e.c.2mdn.net/videoplayback/id/07118e0a83413089/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3810812099/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2A19756B671B5E26E87E9C2093DDAE3EC6C57247.7A435C863F794AD878E9B7E748BCCC54B3300148/key/cms1/cms_redirect/yes/mh/oT/mip/2a01:4a0:2c::7/mm/42/mn/sn-h0jeln7e/ms/onc/mt/1667545154/mv/u/mvi/2/pl/46/file/file.mp4

176 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.oferlo.com.ua/
Redirect Chain

http://oferlo.com.ua/
https://oferlo.com.ua/
https://www.oferlo.com.ua/

125 KB
35 KB

152ms
143ms

Document
text/html

5.182.38.129
SERVERASTRA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oferlo.com.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.182.38.129 Budapest, Hungary, ASN56322 (SERVERASTRA-AS, HU),

Reverse DNS

pop-europe-middle.hyperia.sk

Software

nginx / Hyperia

Resource Hash

05fe0b674c6f6b6e506c32f774a26798bf3863f705c26fccd5d96a030274886b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Fri, 04 Nov 2022 07:22:26 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
report-to: []
server: nginx
strict-transport-security: max-age=10; includeSubDomains
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-powered-by: Hyperia
x-proxy-cache: HIT
x-proxy-cache-type: nl30m
x-proxy-date: Fri, 04 Nov 2022 07:03:00 GMT
x-proxy-date-now: Friday, 04-Nov-2022 07:22:26 GMT
x-upstream-backend: letakomat-ams-w038
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com

Redirect headers

content-length: 162
content-type: text/html
date: Fri, 04 Nov 2022 07:22:25 GMT
location: https://www.oferlo.com.ua/
server: nginx
x-content-type-options: nosniff

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 169 KB
55 KB 217ms
97ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fea2ac35d917f85bfd526355d21763cfd7eb33d35dabea46f479e3ae9322b248

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55381
x-xss-protection: 0
server: cafe
etag: 7767600222739272938
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 04 Nov 2022 07:22:26 GMT

GET
H2 200 client Show response
accounts.google.com/gsi/ 191 KB
76 KB 233ms
113ms Script
application/javascript 2a00:1450:4001:828::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3e65ffae7b1cb6bcc20cd41aaf080758bc34dc4278262b3361c1ee21f7b5d462

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-k4jZntjVjLgBY7Wy95K_cw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:26 GMT
content-security-policy: script-src 'report-sample' 'nonce-k4jZntjVjLgBY7Wy95K_cw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Fri, 04 Nov 2022 07:22:26 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 184ms
66ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;700&display=swap

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0f2cca7784269c376cea0c66fa206e809162035f87759bd0d44d171dda8053b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 04 Nov 2022 07:22:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 07:22:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Nov 2022 07:22:26 GMT

GET
H2 200 external.min.js Show response
www.oferlo.com.ua/js/joined/ 138 KB
52 KB 72ms
71ms Script
application/javascript 5.182.38.129
SERVERASTRA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oferlo.com.ua/js/joined/external.min.js?t=5df350938fca90c47f51a2162e5b32b4
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.182.38.129 Budapest, Hungary, ASN56322 (SERVERASTRA-AS, HU),
Reverse DNS: pop-europe-middle.hyperia.sk
Software: nginx /
Resource Hash: 69c21c369da1df9da057ad8cc8a9018bc08530a4e3d68077bcdd4e0e0da4ff70

Request headers

Referer: https://www.oferlo.com.ua/
Origin: https://www.oferlo.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Fri, 04 Nov 2022 07:22:26 GMT
content-encoding: gzip
x-proxy-date: Thu, 03 Nov 2022 08:00:23 GMT
last-modified: Thu, 03 Nov 2022 07:55:47 GMT
server: nginx
expires: 31556926
etag: "63637403-cf0d"
x-from-origin: true
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Friday, 04-Nov-2022 07:22:26 GMT
content-length: 53005
x-proxy-cache: HIT

GET
H2 200 common_co.min.js Show response
www.oferlo.com.ua/js/joined/ 49 KB
17 KB 104ms
103ms Script
application/javascript 5.182.38.129
SERVERASTRA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oferlo.com.ua/js/joined/common_co.min.js?t=35502940979fff67661733dbd56afb92
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.182.38.129 Budapest, Hungary, ASN56322 (SERVERASTRA-AS, HU),
Reverse DNS: pop-europe-middle.hyperia.sk
Software: nginx /
Resource Hash: c2531229b60616ea7be41448ff9ca6041a9059805a8b4d092c08c313ad2b77ae

Request headers

Referer: https://www.oferlo.com.ua/
Origin: https://www.oferlo.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Fri, 04 Nov 2022 07:22:26 GMT
content-encoding: gzip
x-proxy-date: Thu, 03 Nov 2022 08:00:23 GMT
last-modified: Thu, 03 Nov 2022 07:55:47 GMT
server: nginx
expires: 31556926
etag: "63637403-42e1"
x-from-origin: true
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Friday, 04-Nov-2022 07:22:26 GMT
content-length: 17121
x-proxy-cache: HIT

GET
H2 200 homepage.min.js Show response
www.oferlo.com.ua/js/joined/ 24 KB
8 KB 105ms
105ms Script
application/javascript 5.182.38.129
SERVERASTRA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oferlo.com.ua/js/joined/homepage.min.js?t=96908d20ccf7d1ba2bdd0a1fa1faad53
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.182.38.129 Budapest, Hungary, ASN56322 (SERVERASTRA-AS, HU),
Reverse DNS: pop-europe-middle.hyperia.sk
Software: nginx /
Resource Hash: eac6b23e8304cc24b644f826820a05e897b13d4b8feecf938113c2742eeeab4a

Request headers

Referer: https://www.oferlo.com.ua/
Origin: https://www.oferlo.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Fri, 04 Nov 2022 07:22:26 GMT
content-encoding: gzip
x-proxy-date: Thu, 03 Nov 2022 08:23:31 GMT
last-modified: Thu, 03 Nov 2022 07:55:47 GMT
server: nginx
expires: 31556926
etag: "63637403-202a"
x-from-origin: true
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Friday, 04-Nov-2022 07:22:26 GMT
content-length: 8234
x-proxy-cache: HIT

GET
H2 200 typeahead.bundle.min.js Show response
www.oferlo.com.ua/js/ 38 KB
13 KB 106ms
106ms Script
application/javascript 5.182.38.129
SERVERASTRA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oferlo.com.ua/js/typeahead.bundle.min.js?t=c6e8982aed36fe6e3af9ad10d11a4726
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.182.38.129 Budapest, Hungary, ASN56322 (SERVERASTRA-AS, HU),
Reverse DNS: pop-europe-middle.hyperia.sk
Software: nginx /
Resource Hash: 09dea6320f4520d39fa954c5944aec47837a939f271e89d46a2e6d1585a698ba

Request headers

Referer: https://www.oferlo.com.ua/
Origin: https://www.oferlo.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Fri, 04 Nov 2022 07:22:26 GMT
content-encoding: gzip
x-proxy-date: Thu, 03 Nov 2022 08:00:23 GMT
last-modified: Thu, 03 Nov 2022 07:55:47 GMT
server: nginx
expires: 31556926
etag: "63637403-33fe"
x-from-origin: true
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Friday, 04-Nov-2022 07:22:26 GMT
content-length: 13310
x-proxy-cache: HIT

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1fb1e346384232cb17d28002913baaafc0572382bae5aec82b0dca887f16f42

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwkxduz8A.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 7 KB
7 KB 184ms
67ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwkxduz8A.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77bded4f6447cc93370a65d50e1b1811e81e032aefd45d0acc952ceec49260c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.oferlo.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 18:52:50 GMT
x-content-type-options: nosniff
age: 131376
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7360
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 18:52:50 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qPK7lqDY.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 7 KB
7 KB 222ms
106ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qPK7lqDY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0acd59e18ef9ca4f55b04271a6121d58e6f7044ea91395054dd52d5caf2a7a55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.oferlo.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:30:57 GMT
x-content-type-options: nosniff
age: 129089
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7448
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:14:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 19:30:57 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 158ms
55ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.oferlo.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 17:43:57 GMT
x-content-type-options: nosniff
age: 308309
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 17:43:57 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 211ms
112ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.oferlo.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 18:50:20 GMT
x-content-type-options: nosniff
age: 563526
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12924
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Oct 2023 18:50:20 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 167 KB
63 KB 185ms
67ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PRQV9D6

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/js/joined/common_co.min.js?t=35502940979fff67661733dbd56afb92

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5a98b391ecabe2dfadd3ad1b4cc188c8f55a25fdc24983414c5980b055181f5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63570
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 04 Nov 2022 07:22:26 GMT

GET
H2 200 fontello.css
www.oferlo.com.ua/fonts/fontello/css/ 4 KB
2 KB 71ms
70ms Stylesheet
text/css 5.182.38.129
SERVERASTRA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oferlo.com.ua/fonts/fontello/css/fontello.css?t=a95d4e49d1408aabd42234f8161dd98f
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.182.38.129 Budapest, Hungary, ASN56322 (SERVERASTRA-AS, HU),
Reverse DNS: pop-europe-middle.hyperia.sk
Software: nginx /
Resource Hash: 259b67aae500877eceb2ab41928696ff03aa65b25cfd298f668030b87db493cc

Request headers

Referer: https://www.oferlo.com.ua/
Origin: https://www.oferlo.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Fri, 04 Nov 2022 07:22:26 GMT
content-encoding: gzip
x-proxy-date: Thu, 03 Nov 2022 12:11:05 GMT
last-modified: Thu, 03 Nov 2022 08:20:14 GMT
server: nginx
expires: 31556926
etag: W/"636379be-10ed"
x-from-origin: true
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Friday, 04-Nov-2022 07:22:26 GMT
x-proxy-cache: HIT

GET
H2 200 global.css
www.oferlo.com.ua/css/ 92 KB
21 KB 71ms
70ms Stylesheet
text/css 5.182.38.129
SERVERASTRA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oferlo.com.ua/css/global.css?t=58f64e08fec409c274668ee9dcafda2c
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.182.38.129 Budapest, Hungary, ASN56322 (SERVERASTRA-AS, HU),
Reverse DNS: pop-europe-middle.hyperia.sk
Software: nginx /
Resource Hash: e91e4f767982a21e6240cf9f0631053ac63cce60efca9b4948facf64373619ec

Request headers

Referer: https://www.oferlo.com.ua/
Origin: https://www.oferlo.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Fri, 04 Nov 2022 07:22:26 GMT
content-encoding: gzip
x-proxy-date: Thu, 03 Nov 2022 12:10:52 GMT
last-modified: Thu, 03 Nov 2022 08:21:27 GMT
server: nginx
expires: 31556926
etag: W/"63637a07-171af"
x-from-origin: true
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Friday, 04-Nov-2022 07:22:26 GMT
x-proxy-cache: HIT

GET
H2 200 homepage.css
www.oferlo.com.ua/css/ 10 KB
3 KB 72ms
71ms Stylesheet
text/css 5.182.38.129
SERVERASTRA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oferlo.com.ua/css/homepage.css?t=27121f8b02c2c8e174123725e84bfc34
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.182.38.129 Budapest, Hungary, ASN56322 (SERVERASTRA-AS, HU),
Reverse DNS: pop-europe-middle.hyperia.sk
Software: nginx /
Resource Hash: 681edf17a7cf0e80c5117629eec2531bf0bfd77ec9f9a8308a1bc2edac88a275

Request headers

Referer: https://www.oferlo.com.ua/
Origin: https://www.oferlo.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Fri, 04 Nov 2022 07:22:26 GMT
content-encoding: gzip
x-proxy-date: Thu, 03 Nov 2022 12:30:41 GMT
last-modified: Thu, 03 Nov 2022 08:21:26 GMT
server: nginx
expires: 31556926
etag: W/"63637a06-2932"
x-from-origin: true
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Friday, 04-Nov-2022 07:22:26 GMT
x-proxy-cache: HIT

GET
H2 200 globalDefer.css
www.oferlo.com.ua/css/ 21 KB
5 KB 72ms
71ms Stylesheet
text/css 5.182.38.129
SERVERASTRA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oferlo.com.ua/css/globalDefer.css?t=959de056ff6fcaff94eceb34da573f3f
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.182.38.129 Budapest, Hungary, ASN56322 (SERVERASTRA-AS, HU),
Reverse DNS: pop-europe-middle.hyperia.sk
Software: nginx /
Resource Hash: ea88adff36505b44e034dda505e6dfbff22f8b35b1ed2dd413abcad42d522ebd

Request headers

Referer: https://www.oferlo.com.ua/
Origin: https://www.oferlo.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Fri, 04 Nov 2022 07:22:26 GMT
content-encoding: gzip
x-proxy-date: Thu, 03 Nov 2022 12:11:10 GMT
last-modified: Thu, 03 Nov 2022 08:21:26 GMT
server: nginx
expires: 31556926
etag: W/"63637a06-547c"
x-from-origin: true
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Friday, 04-Nov-2022 07:22:26 GMT
x-proxy-cache: HIT

GET
H2 200 0_s.webp
eu001.leafletscdns.com/com.ua/data/35/3969/ 19 KB
19 KB 159ms
56ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/35/3969/0_s.webp?t=1667470745
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d360473e8962848e1b9607fdd117749549d06d2e631b3ef82a64f21c7189e19

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54813
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18990
last-modified: Thu, 03 Nov 2022 10:20:06 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z6ffia39q49i8aRRBliQddU3JsiN%2FEcUWcf2ULjl%2BofWb6CTvvwLreJUmaRoHt3RdWlD3u59yffYfGdivTp8GuXHoFg2zY%2FakMM5ndTzOap3sckA2Y50CUKcCMzdB4F3cXN2o824nWpEQcZfdhIeBKm2mpE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 764b993c48c175de-LHR
expires: 31556926

GET
H2 200 0_s.webp
eu001.leafletscdns.com/com.ua/data/20/3967/ 11 KB
11 KB 198ms
95ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/20/3967/0_s.webp?t=1667468035
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67fd2de5e7c68fe79fd5fc40f2ffb3ced5a8bad748f681f5966bc43e9e411322

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:26 GMT
cf-cache-status: HIT
last-modified: Thu, 03 Nov 2022 09:13:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EGOjaSZJptb5EgfdS3P3iddEK79Tf2gwkFP1sSulcUFJj5GeFCiKkYGfk1J%2BRTLzUFcJi988HOarHvadvHX1BzHkhPrPypZd7NbNBoIOkoiceGck3AR5MGTRdjyIBMbdKTg5bDOgUidS27r6xQRtJ%2FFx0YY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 764b993c48c275de-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11256
expires: 31556926

GET
H2 200 0_s.webp
eu001.leafletscdns.com/com.ua/data/24/3965/ 8 KB
8 KB 187ms
84ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/24/3965/0_s.webp?t=1667465753
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7669e867d39010e14712c509b568f673ad0ba9fe9affb55bf4f0788d0c5525e0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:26 GMT
cf-cache-status: HIT
last-modified: Thu, 03 Nov 2022 08:55:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mxe6cCpzbZRIU7JLaXvocM5DUT64XKF%2BhQnpPEKBff7sp5E4BJx%2BaJ7LpsV4doO3TbwmkWoCHhis6DnWY1ucGGJEl34AjQV4G0CMPPkoA6affwzOwRyFfO%2BX9ozM02zRdWfaFIceF1itI6eKxtWk1DyoAcs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 764b993c48c375de-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8122
expires: 31556926

GET
H2 200 0_s.webp
eu001.leafletscdns.com/com.ua/data/4/3909/ 13 KB
13 KB 152ms
51ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/4/3909/0_s.webp?t=1666771841
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e68bdbbcbde2164c64f4b7b15291c0d1429ec0a4e3cbda2427a589154b66b18

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6945
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13148
last-modified: Wed, 12 Oct 2022 09:16:20 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2B1sYC82sDGFwATAbg11k33%2B4bMxXWTaCljcU6bXQSlXS3BncthfJVtGIoKa%2B9UMwxunTDCkh%2BQetQkV0B%2Fei39eWcHtGLgVInnwLhHl11BlOiRf1mQXHiwV%2B6vUHVUiLar75xxhR0J%2FOibcaYm5ei1e%2Fsk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 764b993c48c475de-LHR
expires: 31556926

GET
H2 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/35/ 706 B
1021 B 201ms
100ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/35/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6117374a1f09adbbff6601b20fc00b2264cf5fb2ef53ede0b320a337109026d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:26 GMT
cf-cache-status: HIT
last-modified: Fri, 09 Apr 2021 06:28:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XXTWmQS1QSnKN7F4kbaBCfteC%2F7aQhin0NswnLcN7cND2hae7fyD409QTCMnQhmP1F4ERWjfUu4Q4A5RCh1Xwys9Uyvsa9AK%2BmtQU6yAtSCrcnnxuv7Df85CNmSzoOrrQxatjevUVDfZlGIUnJQn%2BdtLeN0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 764b993c48be75de-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 706
expires: 31556926

GET
H2 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/20/ 1 KB
1 KB 167ms
66ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/20/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d22520c085453857e822427f0f66d18d0c98986f6e1e40d6fa0fc7d44a657be

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:26 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 02:44:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aGD6Pm9400erMT7%2BKa1jSE99zgxLFTN3iLO8NU2oFlzpP1CnPzI8mb3oL8fBOeLu5f1zWgHoOlL%2FIH5I%2BCIIosCKmOjHcEmEQ5Fm5O58ZfO2s70FVz0DJYJuhC4lRmFTgTUcOqW0J1EXUTsMZ8RvoRYh6jk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 764b993c48c775de-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/24/ 786 B
1 KB 96ms
95ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/24/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33b77c3ebb0dfdb1386c077573297dc737b1e1e9e26f33186edd1c1bd7bd8972

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:26 GMT
cf-cache-status: HIT
last-modified: Tue, 27 Jul 2021 19:28:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ledxf%2Fl8S9eRt%2FzY7OIBU2URFVDAsqvkBdiSiOBabAm7Bn0nMXmCqNpwcbZSNQ9D%2BBvBpWOM0LemJIj5ms1Sk0qozdXPgFXSJAKz0WK8ccIP2qBkQTazLVrrV8qlO%2BPaiguNlgEyZOc5tIGEItC2YEouiv8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 764b993c48ca75de-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 786
expires: 31556926

GET
H2 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/4/ 1 KB
1 KB 94ms
94ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/4/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34ab7b6bae04a32fc40e9b91566b00a87306ede37dd72313499b831cef75b2c0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:26 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Nov 2020 15:28:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BeYraS0Jp3IGs%2FmyFPIEwcI2IiTFc4OrHVbBtQm0mXMoLsv685gC1xXgPO0rdBw7Q7gd8Y89JdljxUC%2BEmyfwb%2Bk79K5tsPXBQTHAmhlc0ZPWa8%2F4v2op%2FHhFSAWMxfI59LBCSstNFwkSOuNF8jq3b5E%2BA8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 764b993c48cc75de-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1156
expires: 31556926

GET
H2 200 / Show response
www.oferlo.com.ua/ajax/get-email-signup/ 3 KB
4 KB 70ms
70ms XHR
text/html 5.182.38.129
SERVERASTRA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oferlo.com.ua/ajax/get-email-signup/

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/js/joined/external.min.js?t=5df350938fca90c47f51a2162e5b32b4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.182.38.129 Budapest, Hungary, ASN56322 (SERVERASTRA-AS, HU),

Reverse DNS

pop-europe-middle.hyperia.sk

Software

nginx / Hyperia

Resource Hash

80c9f103dae953f0617bcc88e3ac87d83773ca415fa0d984b97c7dc70e2ce7b4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.oferlo.com.ua/
X-CSRF-Token: iw3SQo78Hex87cJi3CH24xSHjLjUyDzKnvggPj8uuTn4P4It9LcqqhjYlwuOTqbaULC0jLb-BKDziBNad1zRVw==
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Fri, 04 Nov 2022 07:22:26 GMT
strict-transport-security: max-age=10; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-encoding: gzip
x-proxy-date: Fri, 04 Nov 2022 07:04:11 GMT
x-powered-by: Hyperia
x-proxy-date-now: Friday, 04-Nov-2022 07:22:26 GMT
x-upstream-backend: letakomat-ams-w023
content-length: 1457
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 04 Nov 2022 07:04:11 GMT
server: nginx
x-frame-options: DENY
report-to: []
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
dynamicurl: ajax/get-email-signup/
x-proxy-cache-type: nl30m

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211010101/ 353 KB
116 KB 86ms
86ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1447540957213601&plah=www.oferlo.com.ua&bust=31070696

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eae3341093189c106c716049d2a9f351f3260153dd0acd0de9e1da7f88cbca3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118918
x-xss-protection: 0
server: cafe
etag: 7053004883722218230
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 04 Nov 2022 07:22:26 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221101/r20190131/ Frame C787 10 KB
5 KB 170ms
54ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221101/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a180577000dc7ea70fe921a385bab54deaefd2f24efaa32f1fc7ebb6d2abd2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.oferlo.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 47802
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 18:05:44 GMT
etag: 2424782735605397694
expires: Thu, 17 Nov 2022 18:05:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 151ms
150ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=new_abg_tag&value=false&host_v=false&frequency=0.01&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070696%2C44775017%2C31061691

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 152ms
151ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=predictive_abg&a_c=ca-pub-1447540957213601&p_c=ca-pub-1447540957213601&b_v=r20221101&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070696%2C44775017%2C31061691

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 151ms
150ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=atf_ad_settings_from_ppabg&p_s=true&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070696%2C44775017%2C31061691

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 151ms
151ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=modern_js&fy=2021&supports=true&c=2012&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070696%2C44775017%2C31061691

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.oferlo.com.ua/ajax/get-menu-items/ 3 KB
3 KB 72ms
72ms XHR
text/html 5.182.38.129
SERVERASTRA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oferlo.com.ua/ajax/get-menu-items/

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/js/joined/external.min.js?t=5df350938fca90c47f51a2162e5b32b4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.182.38.129 Budapest, Hungary, ASN56322 (SERVERASTRA-AS, HU),

Reverse DNS

pop-europe-middle.hyperia.sk

Software

nginx / Hyperia

Resource Hash

0ef1f9f33632ec6e27928d82e6f155d14605c07815630b6a4dfbf830464795bc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.oferlo.com.ua/
X-CSRF-Token: iw3SQo78Hex87cJi3CH24xSHjLjUyDzKnvggPj8uuTn4P4It9LcqqhjYlwuOTqbaULC0jLb-BKDziBNad1zRVw==
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Fri, 04 Nov 2022 07:22:26 GMT
strict-transport-security: max-age=10; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-encoding: gzip
x-proxy-date: Fri, 04 Nov 2022 07:04:47 GMT
x-powered-by: Hyperia
x-proxy-date-now: Friday, 04-Nov-2022 07:22:26 GMT
x-upstream-backend: letakomat-ams-w022
content-length: 728
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 04 Nov 2022 07:04:47 GMT
server: nginx
x-frame-options: DENY
report-to: []
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
dynamicurl: ajax/get-menu-items/
x-proxy-cache-type: a30m

GET
H2 200 fontello.woff2
www.oferlo.com.ua/fonts/fontello/font/ 9 KB
9 KB 70ms
70ms Font
application/octet-stream 5.182.38.129
SERVERASTRA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oferlo.com.ua/fonts/fontello/font/fontello.woff2?49450005
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/fonts/fontello/css/fontello.css?t=a95d4e49d1408aabd42234f8161dd98f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.182.38.129 Budapest, Hungary, ASN56322 (SERVERASTRA-AS, HU),
Reverse DNS: pop-europe-middle.hyperia.sk
Software: nginx /
Resource Hash: 20b7ec5c587ce88329c10b1ab2f288ecd11dcd57e5716e90d6a957f8fddd3db6

Request headers

Referer: https://www.oferlo.com.ua/fonts/fontello/css/fontello.css?t=a95d4e49d1408aabd42234f8161dd98f
Origin: https://www.oferlo.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Fri, 04 Nov 2022 07:22:26 GMT
x-proxy-date: Thu, 03 Nov 2022 12:11:18 GMT
expires: 31556926
last-modified: Thu, 03 Nov 2022 08:20:14 GMT
server: nginx
etag: "636379be-2274"
x-from-origin: true
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Friday, 04-Nov-2022 07:22:26 GMT
accept-ranges: bytes
content-length: 8820
x-proxy-cache: HIT

GET
H2 200 yii.validation.js Show response
www.oferlo.com.ua/assets/2e4368f8/ 17 KB
4 KB 70ms
70ms XHR
application/javascript 5.182.38.129
SERVERASTRA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oferlo.com.ua/assets/2e4368f8/yii.validation.js
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/js/joined/external.min.js?t=5df350938fca90c47f51a2162e5b32b4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.182.38.129 Budapest, Hungary, ASN56322 (SERVERASTRA-AS, HU),
Reverse DNS: pop-europe-middle.hyperia.sk
Software: nginx /
Resource Hash: 9123ef5cf89cdb1ee2e6db82eb04ff97e874de65e8db71ddba2e66fde522ac06

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.oferlo.com.ua/
X-CSRF-Token: iw3SQo78Hex87cJi3CH24xSHjLjUyDzKnvggPj8uuTn4P4It9LcqqhjYlwuOTqbaULC0jLb-BKDziBNad1zRVw==
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Fri, 04 Nov 2022 07:22:26 GMT
content-encoding: gzip
x-proxy-date: Thu, 03 Nov 2022 12:11:35 GMT
last-modified: Thu, 03 Nov 2022 08:24:28 GMT
server: nginx
expires: 31556926
etag: W/"63637abc-4413"
x-from-origin: true
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Friday, 04-Nov-2022 07:22:26 GMT
x-proxy-cache: HIT

GET
H2 200 yii.activeForm.js Show response
www.oferlo.com.ua/assets/2e4368f8/ 36 KB
9 KB 70ms
70ms XHR
application/javascript 5.182.38.129
SERVERASTRA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oferlo.com.ua/assets/2e4368f8/yii.activeForm.js
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/js/joined/external.min.js?t=5df350938fca90c47f51a2162e5b32b4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.182.38.129 Budapest, Hungary, ASN56322 (SERVERASTRA-AS, HU),
Reverse DNS: pop-europe-middle.hyperia.sk
Software: nginx /
Resource Hash: b156192d2524056dbc8af028d8a71dfb5a74346ccc5a0910ef98182005762a1b

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.oferlo.com.ua/
X-CSRF-Token: iw3SQo78Hex87cJi3CH24xSHjLjUyDzKnvggPj8uuTn4P4It9LcqqhjYlwuOTqbaULC0jLb-BKDziBNad1zRVw==
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Fri, 04 Nov 2022 07:22:26 GMT
content-encoding: gzip
x-proxy-date: Thu, 03 Nov 2022 12:11:51 GMT
last-modified: Thu, 03 Nov 2022 08:24:28 GMT
server: nginx
expires: 31556926
etag: W/"63637abc-9046"
x-from-origin: true
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Friday, 04-Nov-2022 07:22:26 GMT
x-proxy-cache: HIT

GET
H2 200 maskot-main-happy-xs-subscribe.png
www.oferlo.com.ua/img/maskot/ 2 KB
3 KB 70ms
70ms Image
image/png 5.182.38.129
SERVERASTRA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.oferlo.com.ua/img/maskot/maskot-main-happy-xs-subscribe.png
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/css/global.css?t=58f64e08fec409c274668ee9dcafda2c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.182.38.129 Budapest, Hungary, ASN56322 (SERVERASTRA-AS, HU),
Reverse DNS: pop-europe-middle.hyperia.sk
Software: nginx /
Resource Hash: 0d9f243e38580effa8393e2fde8b1b6292b50af8653b8eb68a0fa5f4ae6a9d35

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/css/global.css?t=58f64e08fec409c274668ee9dcafda2c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Fri, 04 Nov 2022 07:22:26 GMT
content-encoding: gzip
x-proxy-date: Thu, 03 Nov 2022 12:11:36 GMT
last-modified: Thu, 03 Nov 2022 08:20:14 GMT
server: nginx
expires: 31556926
etag: "636379be-917"
x-from-origin: true
content-type: image/png
cache-control: public, max-age=31556926
x-proxy-date-now: Friday, 04-Nov-2022 07:22:26 GMT
content-length: 2327
x-proxy-cache: HIT

GET
H3 200 rum_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20221101/r20110914/ 55 KB
21 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221101/r20110914/rum_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1447540957213601&plah=www.oferlo.com.ua&bust=31070696

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f8238f42a313428b8365cfefb2679a7dc360f859ba4304da5a48332a8721a33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 20:06:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21112
x-xss-protection: 0
server: cafe
etag: 17057307539550712440
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Nov 2022 20:06:30 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 88ms
88ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=abg_host&host=www.oferlo.com.ua&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070696%2C44775017%2C31061691%2C31061692

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 88ms
87ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=1&tms=200&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070696%2C44775017%2C31061691%2C31061692

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
694 B 511ms
62ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.oferlo.com.ua&callback=_gfp_s_&client=ca-pub-1447540957213601&gpid_exp=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71c40c8cc425a3ee164214cf2bdf32f2d3d46c3044ec99e6f123954a84b8fa82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 250
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 511ms
64ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.oferlo.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 510ms
63ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.oferlo.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 63A0 120 KB
33 KB 1640ms
1637ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&adk=1812271804&adf=3025194257&lmt=1667546546&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667546546517&bpp=3&bdt=328&idt=284&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8521646978737&rume=1&frm=20&pv=2&ga_vid=285871355.1667546547&ga_sid=1667546547&ga_hid=1437577823&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070696%2C44775017%2C21066433%2C31061691%2C31061692&oid=2&pvsid=3389413474069721&tmod=928762567&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=301

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d3440d0952fadf83b7e02aba085a19e67cff22b3ee914ef84a03137727db7cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.oferlo.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34128
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 07:22:28 GMT
expires: Fri, 04 Nov 2022 07:22:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 484ms
53ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRQV9D6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 04 Nov 2022 05:24:49 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 7058
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 04 Nov 2022 07:24:49 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 486ms
55ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 04 Nov 2022 07:22:27 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27337
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 9bKJZlelYkImRTfx3qe9RZkw6DGrheWiaLVpw4OTUvqCqXfhq6IMZ7R81yB7W9j2uKPXArL2e/RsgvXFxZ4ooA==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/868040956/ 2 KB
959 B 178ms
69ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/868040956/?random=1667546546832&cv=11&fst=1667546546832&bg=ffffff&guid=ON&async=1&gtm=2wgb20&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&tiba=%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%B0%D0%BA%D1%86%D1%96%D1%97%2C%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%20%D1%82%D0%B0%20%D0%B7%D0%BD%D0%B8%D0%B6%D0%BA%D0%B8%20%7C%20OFERLO&auid=504394944.1667546547&data=AdBlock%3D0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRQV9D6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89502015874184aceee6cabd48b8be64ce80ba2b6e964247a0fcb94b85527960

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 934
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 88ms
87ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=0&tms=200&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070696%2C44775017%2C21066433%2C31061691%2C31061692

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4B51 24 KB
12 KB 1167ms
1165ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=6019623105&adk=760889125&adf=1610234907&pi=t.ma~as.6019623105&w=300&fwrn=4&fwrnh=100&lmt=1667546546&rafmt=12&format=300x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rh=600&rw=300&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667546546589&bpp=6&bdt=400&idt=247&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8521646978737&rume=1&frm=20&pv=1&ga_vid=285871355.1667546547&ga_sid=1667546547&ga_hid=1437577823&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070696%2C44775017%2C21066433%2C31061691%2C31061692&oid=2&pvsid=3389413474069721&tmod=928762567&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9Mt2Oq1bMv&p=https%3A//www.oferlo.com.ua&dtd=252

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c6a4676929f17f35157c32ff4e75ff3738742273c5c1fe2ac48dca0c3a7f5fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.oferlo.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 11789
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 07:22:28 GMT
expires: Fri, 04 Nov 2022 07:22:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/868040956/ 42 B
548 B 186ms
70ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/868040956/?random=1667546546832&cv=11&fst=1667545200000&bg=ffffff&guid=ON&async=1&gtm=2wgb20&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&tiba=%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%B0%D0%BA%D1%86%D1%96%D1%97%2C%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%20%D1%82%D0%B0%20%D0%B7%D0%BD%D0%B8%D0%B6%D0%BA%D0%B8%20%7C%20OFERLO&data=AdBlock%3D0&fmt=3&is_vtc=1&random=1974924848&rmt_tld=0&ipr=y

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:27 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/868040956/ 42 B
548 B 185ms
69ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/868040956/?random=1667546546832&cv=11&fst=1667545200000&bg=ffffff&guid=ON&async=1&gtm=2wgb20&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&tiba=%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%B0%D0%BA%D1%86%D1%96%D1%97%2C%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%20%D1%82%D0%B0%20%D0%B7%D0%BD%D0%B8%D0%B6%D0%BA%D0%B8%20%7C%20OFERLO&data=AdBlock%3D0&fmt=3&is_vtc=1&random=1974924848&rmt_tld=1&ipr=y

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:27 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 171ms
61ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1437577823&t=pageview&_s=1&dl=https%3A%2F%2Fwww.oferlo.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%B0%D0%BA%D1%86%D1%96%D1%97%2C%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%20%D1%82%D0%B0%20%D0%B7%D0%BD%D0%B8%D0%B6%D0%BA%D0%B8%20%7C%20OFERLO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAACAAI~&jid=2108209584&gjid=1250953311&cid=285871355.1667546547&tid=UA-24834420-46&_gid=405520114.1667546547&_r=1&gtm=2wgb20PRQV9D6&cg5=site%2Findex&cd2=0&z=1881110451

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.oferlo.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.oferlo.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 478813288996064 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 112ms
55ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/478813288996064?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8b4d65d697190902b37678499c99785c2f81d62664ba5d23a94a5934ec16d7ce

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 04 Nov 2022 07:22:27 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86000
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ZV50PLiXvPqAeBoiLnfglXKnAEejO14Rmu7jXyM6v3zoj7pPV1y67Q9njnAyhvdZJqDlaS73hF36HNWfVkZTSQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 168ms
56ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-24834420-46&cid=285871355.1667546547&jid=2108209584&gjid=1250953311&_gid=405520114.1667546547&_u=YAhAAEAAAAAAACAAI~&z=66560874

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.oferlo.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 04 Nov 2022 07:22:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.oferlo.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 166ms
56ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=478813288996064&ev=PageView&dl=https%3A%2F%2Fwww.oferlo.com.ua%2F&rl=&if=false&ts=1667546547591&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.2.1667546547590.372237366&it=1667546547357&coo=false&rqm=GET

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 04 Nov 2022 07:22:27 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 179ms
67ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-24834420-46&cid=285871355.1667546547&jid=2108209584&_u=YAhAAEAAAAAAACAAI~&z=222098313

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 177ms
67ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-24834420-46&cid=285871355.1667546547&jid=2108209584&_u=YAhAAEAAAAAAACAAI~&z=222098313

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
17 B 119ms
59ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=478813288996064&ev=Microdata&dl=https%3A%2F%2Fwww.oferlo.com.ua%2F&rl=&if=false&ts=1667546548094&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%B0%D0%BA%D1%86%D1%96%D1%97%2C%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%20%D1%82%D0%B0%20%D0%B7%D0%BD%D0%B8%D0%B6%D0%BA%D0%B8%20%7C%20OFERLO%22%2C%22meta%3Adescription%22%3A%22%D0%A2%D1%83%D1%82%20%D0%B2%D0%B8%20%D0%B7%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D1%82%D0%B5%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%20%D1%81%D1%83%D1%87%D0%B0%D1%81%D0%BD%D0%B8%D1%85%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B8%D1%85%20%D0%BC%D0%B0%D0%B3%D0%B0%D0%B7%D0%B8%D0%BD%D1%96%D0%B2%20%D0%B4%D0%BE%20%D0%B2%D0%B0%D1%88%D0%B8%D1%85%20%D0%BF%D0%BE%D1%81%D0%BB%D1%83%D0%B3.%20Oferlo%20%D0%BD%D0%B0%D0%B4%D0%B0%D1%94%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%20%D0%90%D1%88%D0%B0%D0%BD%2C%20Billa%20%D1%82%D0%B0%20%D0%B1%D0%B0%D0%B3%D0%B0%D1%82%D0%BE%20%D1%96%D0%BD%D1%88%D0%B8%D1%85%20%3E%3E%22%2C%22meta%3Akeywords%22%3A%22oferlo%2C%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%2C%20%D0%B7%D0%BD%D0%B8%D0%B6%D0%BA%D0%B8%2C%20%D0%B0%D0%BA%D1%86%D1%96%D1%97%2C%20%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%B0%D0%BA%D1%86%D1%96%D1%97%2C%20%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.oferlo.com.ua%2Fimg%2Fmaskot%2Fmaskot-main-happy.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.2.1667546547590.372237366&it=1667546547357&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 04 Nov 2022 07:22:28 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 / Show response
www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/ 4 KB
3 KB 71ms
70ms XHR
text/html 5.182.38.129
SERVERASTRA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/?v=visibleShoplist11&u=%2Fjs-content%2Fprepare-data%2Fhp-category-shop-tiles%2F&p=1800&c=category-11-shop-tiles-prepend&d%5Bcategory_id%5D=11&d%5Btype%5D=visible&d%5Bshops_in_line%5D=12&m=before

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/js/joined/external.min.js?t=5df350938fca90c47f51a2162e5b32b4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.182.38.129 Budapest, Hungary, ASN56322 (SERVERASTRA-AS, HU),

Reverse DNS

pop-europe-middle.hyperia.sk

Software

nginx / Hyperia

Resource Hash

7c191e5ef9504ce2879aacd7dff8eaa160e68f7d136f9994a2087d43b35cccbb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.oferlo.com.ua/
X-CSRF-Token: iw3SQo78Hex87cJi3CH24xSHjLjUyDzKnvggPj8uuTn4P4It9LcqqhjYlwuOTqbaULC0jLb-BKDziBNad1zRVw==
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Fri, 04 Nov 2022 07:22:28 GMT
strict-transport-security: max-age=10; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-encoding: gzip
x-proxy-date: Fri, 04 Nov 2022 07:14:32 GMT
x-powered-by: Hyperia
x-proxy-date-now: Friday, 04-Nov-2022 07:22:28 GMT
x-upstream-backend: letakomat-ams-w028
content-length: 667
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 04 Nov 2022 07:14:33 GMT
server: nginx
x-frame-options: DENY
report-to: []
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
x-proxy-cache-type: a30m

GET
H2 200 / Show response
www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/ 2 KB
2 KB 71ms
70ms XHR
text/html 5.182.38.129
SERVERASTRA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/?v=visibleShoplist14&u=%2Fjs-content%2Fprepare-data%2Fhp-category-shop-tiles%2F&p=1800&c=category-14-shop-tiles-prepend&d%5Bcategory_id%5D=14&d%5Btype%5D=visible&d%5Bshops_in_line%5D=6&m=before

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/js/joined/external.min.js?t=5df350938fca90c47f51a2162e5b32b4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.182.38.129 Budapest, Hungary, ASN56322 (SERVERASTRA-AS, HU),

Reverse DNS

pop-europe-middle.hyperia.sk

Software

nginx / Hyperia

Resource Hash

837206ebf6e62ede22e73028f6086e3cf47af7719e15721650d7bc42e5cf5f41

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.oferlo.com.ua/
X-CSRF-Token: iw3SQo78Hex87cJi3CH24xSHjLjUyDzKnvggPj8uuTn4P4It9LcqqhjYlwuOTqbaULC0jLb-BKDziBNad1zRVw==
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Fri, 04 Nov 2022 07:22:28 GMT
strict-transport-security: max-age=10; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-encoding: gzip
x-proxy-date: Fri, 04 Nov 2022 07:14:32 GMT
x-powered-by: Hyperia
x-proxy-date-now: Friday, 04-Nov-2022 07:22:28 GMT
x-upstream-backend: letakomat-ams-w005
content-length: 454
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 04 Nov 2022 07:14:33 GMT
server: nginx
x-frame-options: DENY
report-to: []
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
x-proxy-cache-type: a30m

GET
H2 200 / Show response
www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/ 2 KB
2 KB 71ms
70ms XHR
text/html 5.182.38.129
SERVERASTRA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/?v=visibleShoplist12&u=%2Fjs-content%2Fprepare-data%2Fhp-category-shop-tiles%2F&p=1800&c=category-12-shop-tiles-prepend&d%5Bcategory_id%5D=12&d%5Btype%5D=visible&d%5Bshops_in_line%5D=6&m=before

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/js/joined/external.min.js?t=5df350938fca90c47f51a2162e5b32b4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.182.38.129 Budapest, Hungary, ASN56322 (SERVERASTRA-AS, HU),

Reverse DNS

pop-europe-middle.hyperia.sk

Software

nginx / Hyperia

Resource Hash

019e5ef4eae6526b7df9b7119715ece680f8a207b20742c38b8a73ab8f135c50

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.oferlo.com.ua/
X-CSRF-Token: iw3SQo78Hex87cJi3CH24xSHjLjUyDzKnvggPj8uuTn4P4It9LcqqhjYlwuOTqbaULC0jLb-BKDziBNad1zRVw==
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Fri, 04 Nov 2022 07:22:28 GMT
strict-transport-security: max-age=10; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-encoding: gzip
x-proxy-date: Fri, 04 Nov 2022 07:14:32 GMT
x-powered-by: Hyperia
x-proxy-date-now: Friday, 04-Nov-2022 07:22:28 GMT
x-upstream-backend: letakomat-ams-w001
content-length: 445
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 04 Nov 2022 07:14:33 GMT
server: nginx
x-frame-options: DENY
report-to: []
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
x-proxy-cache-type: a30m

GET
H2 200 / Show response
www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/ 1 KB
2 KB 71ms
70ms XHR
text/html 5.182.38.129
SERVERASTRA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/?v=visibleShoplist15&u=%2Fjs-content%2Fprepare-data%2Fhp-category-shop-tiles%2F&p=1800&c=category-15-shop-tiles-prepend&d%5Bcategory_id%5D=15&d%5Btype%5D=visible&d%5Bshops_in_line%5D=6&m=before

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/js/joined/external.min.js?t=5df350938fca90c47f51a2162e5b32b4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.182.38.129 Budapest, Hungary, ASN56322 (SERVERASTRA-AS, HU),

Reverse DNS

pop-europe-middle.hyperia.sk

Software

nginx / Hyperia

Resource Hash

c6c7f3ffc0deb34af0f7c06c3610b4c6736993258ea2189658735f42dd251e51

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.oferlo.com.ua/
X-CSRF-Token: iw3SQo78Hex87cJi3CH24xSHjLjUyDzKnvggPj8uuTn4P4It9LcqqhjYlwuOTqbaULC0jLb-BKDziBNad1zRVw==
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Fri, 04 Nov 2022 07:22:28 GMT
strict-transport-security: max-age=10; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-encoding: gzip
x-proxy-date: Fri, 04 Nov 2022 06:58:31 GMT
x-powered-by: Hyperia
x-proxy-date-now: Friday, 04-Nov-2022 07:22:28 GMT
x-upstream-backend: letakomat-ams-w017
content-length: 404
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 04 Nov 2022 06:58:31 GMT
server: nginx
x-frame-options: DENY
report-to: []
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
x-proxy-cache-type: a30m

GET
H2 200 / Show response
www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/ 2 KB
2 KB 138ms
138ms XHR
text/html 5.182.38.129
SERVERASTRA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/?v=visibleShoplist16&u=%2Fjs-content%2Fprepare-data%2Fhp-category-shop-tiles%2F&p=1800&c=category-16-shop-tiles-prepend&d%5Bcategory_id%5D=16&d%5Btype%5D=visible&d%5Bshops_in_line%5D=6&m=before

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/js/joined/external.min.js?t=5df350938fca90c47f51a2162e5b32b4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.182.38.129 Budapest, Hungary, ASN56322 (SERVERASTRA-AS, HU),

Reverse DNS

pop-europe-middle.hyperia.sk

Software

nginx / Hyperia

Resource Hash

3b5c2abc10ad805c4de0200f2e6a6dfdd82460db05e3145a169e7767d17d534a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.oferlo.com.ua/
X-CSRF-Token: iw3SQo78Hex87cJi3CH24xSHjLjUyDzKnvggPj8uuTn4P4It9LcqqhjYlwuOTqbaULC0jLb-BKDziBNad1zRVw==
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Fri, 04 Nov 2022 07:22:28 GMT
strict-transport-security: max-age=10; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-encoding: gzip
x-proxy-date: Fri, 04 Nov 2022 07:14:32 GMT
x-powered-by: Hyperia
x-proxy-date-now: Friday, 04-Nov-2022 07:22:28 GMT
x-upstream-backend: letakomat-ams-w006
content-length: 459
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 04 Nov 2022 07:14:34 GMT
server: nginx
x-frame-options: DENY
report-to: []
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
x-proxy-cache-type: a30m

GET
H2 200 / Show response
www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/ 2 KB
2 KB 138ms
138ms XHR
text/html 5.182.38.129
SERVERASTRA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oferlo.com.ua/js-content/prepare-data/hp-category-shop-tiles/?v=visibleShoplist17&u=%2Fjs-content%2Fprepare-data%2Fhp-category-shop-tiles%2F&p=1800&c=category-17-shop-tiles-prepend&d%5Bcategory_id%5D=17&d%5Btype%5D=visible&d%5Bshops_in_line%5D=6&m=before

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/js/joined/external.min.js?t=5df350938fca90c47f51a2162e5b32b4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.182.38.129 Budapest, Hungary, ASN56322 (SERVERASTRA-AS, HU),

Reverse DNS

pop-europe-middle.hyperia.sk

Software

nginx / Hyperia

Resource Hash

8df4fab5171a5708bb0e27d5c3b6a1d67dbe5a266851726dff167a2a7e03673e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.oferlo.com.ua/
X-CSRF-Token: iw3SQo78Hex87cJi3CH24xSHjLjUyDzKnvggPj8uuTn4P4It9LcqqhjYlwuOTqbaULC0jLb-BKDziBNad1zRVw==
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Fri, 04 Nov 2022 07:22:28 GMT
strict-transport-security: max-age=10; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-encoding: gzip
x-proxy-date: Fri, 04 Nov 2022 07:14:32 GMT
x-powered-by: Hyperia
x-proxy-date-now: Friday, 04-Nov-2022 07:22:28 GMT
x-upstream-backend: letakomat-ams-w023
content-length: 451
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 04 Nov 2022 07:14:33 GMT
server: nginx
x-frame-options: DENY
report-to: []
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
x-proxy-cache-type: a30m

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/31/ 938 B
1 KB 117ms
67ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/31/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8425275b77f7ce018416241e85960821de53a5ed71761a1ae397b1a5e855336

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:28 GMT
cf-cache-status: HIT
last-modified: Tue, 27 Jul 2021 19:28:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZkxS7NNNn2zr1ybXQasAaBJI%2BEbAvn9hc9hRhgBrm6V5Z3kpi5Lajl50MtIWarLOo1zYIP3MHawWsYZtFh1nnzOWFyFg7IWrU8C2c2ZxM6yKJaII6CP8qmjJeONqMcNNwME7T2%2BsCB1JsNePPIIobO3fWEw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 764b9947c920f41f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 938
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/3/ 2 KB
2 KB 116ms
66ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/3/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d0ec01d98e8a4dc98af6301e8f95b634f63a9256cff1f71d592fe267fe1ec9c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:28 GMT
cf-cache-status: HIT
last-modified: Tue, 27 Jul 2021 19:28:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0bo5WohMagDMr8kkrdzl%2BwvfKzlRrRAhp2KvOwyCDgHHwbC8RwxQfJ%2BTCRer7bjO4fdBVbg8EXfdqp2bkvO8Ay03XHrOSJh65dXVB7%2FtWXq5EtKkiSwBtuQXxdxx65snthmtZ1sDitx6Lbr7iKlte7FNtDY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 764b9947c924f41f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1648
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/1/ 1 KB
2 KB 135ms
86ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/1/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c2516c4c455411caea0c64380b128f1b5f01afcee30dd17560d3da5c7699679

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:28 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Nov 2020 15:28:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8s%2FVXNvZBEhb1HSDlsJ9hw9FJtdqDbB6jSY%2BwTJqWsKRTLofpESKcvx4kuoxgTgINkYKFckCNNn7i9SuivOP4ts4yxszxbGZZpeabsqE7fC6DJHjo9Dl9OpJIb3sEbkidSKPJ08hwfUoaqjJMPvmHwyDiTE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 764b9947c91ef41f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1056
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/2/ 1 KB
2 KB 159ms
111ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/2/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b00616261a0df3574dfc8b4c0e0403d62121d1bc83b45744fe2c76c5252095e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:28 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Nov 2020 15:28:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BeiRYy6qEJ3gRlMRqjCZflDDIk3o0Z%2Fl79zyBZAdvC%2BQcAf7ONIK0SS63kIiLSXZqpMnPqhQs38mRODkSSXZGMyuTsz1SZjA%2F72jlp2pb%2BWGTXlWwjlUp2hvr4HM%2BKldvFvnr98thtKbP4mx%2FooJaxBM738%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 764b9947c91ff41f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1162
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/9/ 990 B
1 KB 118ms
69ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/9/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21b177a40aba940d7cdbaa62174e671bf2f02af901978167753fdcfce2be9101

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:28 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Nov 2020 15:28:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=06MN25saAawqE%2B2bmjcv9YMaFlq5pd8imvc1UcJfwY3JtK4qVe819vRImKfUevCBYyKYEEGdlPbT5vCMK%2BjvTom47j1w0OATTHMHZFNz8gSa3gtpH7ENQFfDoegaKZdXiQfMSGIy1LhvkQZPScAvxAn%2B5fg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 764b9947c925f41f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 990
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/33/ 810 B
1 KB 159ms
111ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/33/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 446bab4f19b463933ba69fc0c0ff5317bcef393fdcda0816e62b0a2b4aafeaa2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:28 GMT
cf-cache-status: HIT
last-modified: Fri, 09 Apr 2021 06:28:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BvdyZ4SiHOQEhu5%2B79I%2BQV4eAOeNgkLhGusWONxSNow15kGl2PyHRN77jo4KVyvERzXg9wEEZDJwQqnuo7c5vmk7jbty%2BeDebaDJV8sZ6r8SGQORLRBTTYPaEByy9oWPrjYQQchuHKss9mCOpxj3U2%2F%2BUTE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 764b9947c923f41f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 810
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/34/ 580 B
1 KB 162ms
114ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/34/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a766ea12240078e9a4911493790c08cfa979a18619d180cd7f5a5f468fd79f3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:28 GMT
cf-cache-status: HIT
last-modified: Fri, 09 Apr 2021 06:28:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u2jEqosOdiRXOST56iR1HemBWZVq0aoblDQLfywoS7Mqyvasx%2FsodHKeIK65H%2BWRs48beWW88Ml0TimiQbhZOfAvPA2zy59cUokxoxS2oOUtfbySRv0Do2WAftlK3%2FSXsWS4dq6t0oQzCKGm6Ib9%2F0lb1CU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 764b9947c927f41f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 580
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/8/ 1002 B
1 KB 163ms
115ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/8/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df94118151425d11320f6fb3958f309162e9556cf48af223f66421c6a3c8e456

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:28 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Nov 2020 15:28:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lfhZoPFAHfR2xsHzivCf7f2f8PECsq6BvlMBn7gnOAsq8GHLq5PiPAeEyS8HqDu%2BaBkahRHQ3WT%2BNPxBJWYM0E0KHLEAF3VRnzzFD9bpXzxAKenni0C%2F5399ptQGyrxuN8ETHPYZHsU0rxnag7g0JqAa5bk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 764b9947c928f41f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1002
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/5/ 638 B
1 KB 119ms
71ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/5/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cf4140305db6473492b7bce8c789d33bcc9a862f9d2d7fce40b115edb31683a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:28 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Nov 2020 15:28:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xv5ikJYuWfUsWG%2F3AekXo8%2FfgknlDH8L%2BvW%2BuVWA%2BeZGWeK0%2BSItjc91%2FX503%2BFqHEkL%2FBseMOt4XJmlQlv6tioUPqHwSNHRYLd8e90GdzOndhjYUtvHxCV5lMwhcP7PwxcepCnsdEJD5OQvSpbE1VbwgQk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 764b9947c929f41f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 638
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/32/ 724 B
1 KB 117ms
69ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/32/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e7e7d97399e03e24a55f3b6218e69ffd2ce957eca70aee8b854b6aa33366402

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:28 GMT
cf-cache-status: HIT
last-modified: Wed, 13 Jan 2021 12:58:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rFOEpFjXUJnyM%2F5ghZzZtnKIsvBePFMUC5zJbPaxamdi7uxGgvwA9SbO3I6bvw7fknYsgAdih7XpFKBpoiE%2BtsHrLdwQXnV7G0%2F0nSCwQIIDoUt76SGXn51ejhcCHeTE3Vd69hzaEtKtf7zX%2BscxwLQTfww%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 764b9947c92af41f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 724
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/16/ 786 B
1 KB 118ms
70ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/16/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62f16f58885de373ce052a72b68ae407a049b3037a4324a04043a42fdac99460

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:28 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Nov 2020 15:28:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6NXO%2FMZXSJNOuDKwsig1IMZcKbTvprciWmITVB7laGLxrcLlIheQHLo3BbjhiKUBGAYzK6Yv8u%2FUelecBSQbokqlpF1kvnGAX81oTw9fA7TGr08XPg%2B3G%2BrNqq9D0bPy91tohxvWo7v3la%2F%2FdJw0kvTEzJY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 764b9947c92cf41f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 786
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/17/ 824 B
1 KB 163ms
115ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/17/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f22966b13e75ab8fda4c46107f7de87998e445e7b37e377a03a9b5beab88b9b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:28 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 02:21:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=utYAYAP7EB5CnZXhq6YfRr7RB1TJVZ1fBhxTwKLfpdhNzr6Sx%2FDaNv3ji4KHHB5%2FvSMlr0ALfsaa%2Fhn%2BMW%2B2%2BLMLaLHav1xglKJGXzDQp%2Bm87%2FvCFnR9AT5HB0DoVrSi1RfFo1PaiTAHwsBrczc8NtpD%2BPk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 764b9947c92df41f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/15/ 1 KB
2 KB 163ms
116ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/15/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f43e35c9c59892abc041c104628f994df6c53ab6364055fa42821c1122a618e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:28 GMT
cf-cache-status: HIT
last-modified: Tue, 27 Jul 2021 19:28:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RhNAnKcDajstKRy%2FPk3jVYFtewihEl%2BJgutPPZ4lBps84Urf6btSDOTI9K6xALF5cWZgbaAHAZZQzX0v4qaL1x8%2B9Y2RuKo3jVM9bBeRsIYu%2FufJp8t4VHX2kLkcjVeqC0AV5551LLgJgB5%2FP10aLO1eYWs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 764b9947c92ef41f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1488
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/14/ 796 B
1 KB 118ms
71ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/14/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a049edfff9507adba029091a9ef66a3017d290cb2d81bb96af6ce86161882192

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:28 GMT
cf-cache-status: HIT
last-modified: Tue, 27 Jul 2021 19:28:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5WXX2%2B1Vhj23djbDNP37o4w4N%2Fb1qQaLCWHGbe6ej50NqakyXZ9coCf5U1Hn4fjs38CRYCmZsY2%2FXylJju7Or8zio700Wtk%2BKGun9tUq0Nv9760IJTStnE5x931selirwFyxW6QZ%2FWusHPub85ah3zk4Rlo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 764b9947c92ff41f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 796
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/18/ 622 B
1 KB 164ms
116ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/18/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7626318acfbe6eec5abc99f2cc5778703edd1f90463af85d4cbedd693faa114b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:28 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 02:11:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=shU04TCypZQVm3PHoZqDEQC6Eki%2FGTbkLLkF2%2FSMtAfn7GF6otjOGjTwUwjyMWyHwKIMd3MjcMyZ3EtUhG7Js%2FuCFsIIKHjQa1PNOx6Ynnglki9P2LZCzjuxhJllzoEkuAaEni7KvYz5tLk5KDmc4wVHPSQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 764b9947c930f41f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/21/ 838 B
1 KB 118ms
71ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/21/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc4c24faa867df9b33628fdb8aaf2d456e989750e4cda61f2418fee5d8b1c5cc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:28 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 02:40:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yp%2Fxx157u907RUnrzXhDIBKF%2F5E17eQSzuMw4hQJ4kz3iJcU0oPh%2FxMxB%2BoTuJpR7IwqIjQ9DUvSsuFg0b7SsJwwcm%2BbqsaVrZqfCKfIZrdf2unX9LGL0sZO6qzLuSSejHHBGK9YfS%2FMVBE2lzjcG93AXQ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 764b9947c933f41f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/19/ 918 B
1 KB 158ms
111ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/19/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a0574a1e7e1a1090b17dbf386399714e05f4afe8f09e15a3e5dbd58b435eb1b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:28 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Nov 2020 15:28:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u7A2OCS2uvaylJKKCrX1n8rOkHSPEzWNl2kfbIG4vEUDV3UiYE9H6fAMW4rLwp3PA0VCDLyo6vipnbVAHYjwDxYdlxWPZgnEsSAgRjQlPacZmpErnuTQ5YFhvogdpi6Ulpr%2BCjBHm%2Fgtb486vu6HY7H9wSM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 764b9947c934f41f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 918
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/22/ 798 B
1 KB 159ms
112ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/22/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 914d089eacaecf6944ee46bec04ac11975c734f98ddbfc5750536c2adb23fce8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:28 GMT
cf-cache-status: HIT
last-modified: Tue, 27 Jul 2021 19:58:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iv5DztrbC8IwVQKsGwAs%2FtNoGuIstc93Lp%2F3QvMuVh9Y90u4yis0XE5kO4HmFDyisq1w%2FZGmoT6aU3zGNppX8BampVsgIQrqJKOubwu5fLrEATf8x%2FKBcgVsgmfWoU2paQ8zEVBMd9VOIr6ep3wE3zi%2FRjE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 764b9947c935f41f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 798
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/29/ 776 B
1 KB 160ms
112ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/29/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c897fcfa6be72e2bf55770711a1f26dab4095d209ca4cc92b65cba0f0ea0b83

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:28 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Nov 2020 15:28:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rO27ZV%2FND3hp96gcRooQf5BL%2B%2BfmsOILrDFiDBNJUP%2B%2FzhColjNCR02gSyTITqIHhehopO%2BNtdfQpgj1EJ1wBU39s2E%2Fvow9IoY1nJjnANEoHoAWMVALP1kF2pHRkNt5unWNmnnvYQxelBMuRUcK2hMroB8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 764b9947c936f41f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 776
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/11/ 824 B
1 KB 161ms
113ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/11/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f50ed9c3c87ec6211e8cefe2c82e05d2e89f75991ed6fdc0b9607449db7dd777

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:28 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Nov 2020 15:28:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7fiT9K06tzKrWnTqFU499GIFPw9gjMkWp0bbxH7ENS7F8kLQySh%2FbfjYlQtA5%2BlIbS5y%2FdmP4sVrq8W4GzS8FDaOYmCnTPiYDsnRDwVu7N5YQsy50clUSCtFD9DgPhCZvQz8r%2FB0EznAY8UmTAJR7uvG7Cw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 764b9947c937f41f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 824
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/12/ 498 B
1003 B 200ms
153ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/12/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0674a525618751a642fe4baa693ff34b3c0580a13624da212f9d61300916b76a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:28 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Nov 2020 15:28:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IRIGi%2FqMeINcEIoN68jYyEr8YtCRiIXLzWbfcYCOdQam%2BslurV3R%2FWXvMsr0bis98ekij%2F21%2FeW8RTTKhEOL08KFSnccn6hI4WwjaEHdMaoXpweb0S2A6LcKFKFhXrLcuQJeCMXdfdDCrexcDnKxZw9G8us%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 764b9947c939f41f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 498
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/28/ 828 B
1 KB 200ms
153ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/28/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6c0fd70405f944e0d310f7ee9e16249c00f136832d2eef24207a29b92a42bac

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:28 GMT
cf-cache-status: HIT
last-modified: Tue, 27 Jul 2021 19:58:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LZqsewbi2mXMz8F6dq1xl2rZoLQiEOwm5xv0BN2lKAD6RyaL9YUPhv7WIe%2Fe5CQjfBJrHW20s%2Fqe%2FO4y7S7n8uSqWdJO5Pqpc5qdLGlhcpthphMTc%2Bey1BckJ8nxSJVk9OeCacJMseSCan0CuMMI2c%2FH7Gg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 764b9947c93bf41f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 828
expires: 31556926

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B51 42 B
63 B 88ms
88ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B4qjVHS1-H7g4YVJUkvnCYeXMKHzRxoS3ImfXYnIrtElSzjBKir7Wn147zvil6Q2ZJLxLgoZEtkK1YM3M2rrm74-ryFCEpOACMNq_3DV-A_pj1svI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=6019623105&adk=760889125&adf=1610234907&pi=t.ma~as.6019623105&w=300&fwrn=4&fwrnh=100&lmt=1667546546&rafmt=12&format=300x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rh=600&rw=300&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667546546589&bpp=6&bdt=400&idt=247&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8521646978737&rume=1&frm=20&pv=1&ga_vid=285871355.1667546547&ga_sid=1667546547&ga_hid=1437577823&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070696%2C44775017%2C21066433%2C31061691%2C31061692&oid=2&pvsid=3389413474069721&tmod=928762567&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9Mt2Oq1bMv&p=https%3A//www.oferlo.com.ua&dtd=252

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adServer.bs Show response
bs.serving-sys.com/Serving/ Frame 4B51 12 KB
6 KB 262ms
64ms Script
text/html 52.28.143.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?ncu=$$https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCYSais71kY6viEoWAmwfopriwDr7TrJls3IXcksEQZBABIOz4qCNglQLIAQmoAwGqBPoBT9B-b7LihV9GitJcqHGnfVTiwHN097fFmZ6_3px8VFJt9PP20_NOn3-6VemkQ4cj5pHY3DKj0O781un13dzRSLT3cXmXKBgFoIy6WJmc4CikFdXPZ_GQorhFRQWURWC38NysVvfkQ5K9tF2BoVHUwC-Lxlkh5g1i73pwKsOUV-FR2eFqXy7wyWR1rtZDzTGs9JTIxpEhMhr7LSb_gVKfNZ2EswyYhiXuMsOOYpedBVDOI38H4tH2DkzjCZBl7RcwS_LMtaDlD-ZTwSriuvuisHCqvx9xmE8p64qYmh8VNPsK9fBqsBlhsYZ9iOu6ntxiw33cyCnR8oLZc8AE-YC_jYkE4AQDkAYBoAZNgAe87vraAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAZgLAcgLAYAMAbATzKXgENgTCtgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSKQDq26N9rpYO2hhMYCQuiDGLjEcjH4aTqLpoYxttQ5AuR-Q1r7M1sU_vGAEgDg%26sig%3DAOD64_2KdFoZ-r8n_la1V3DR_9b1VRqKOw%26client%3Dca-pub-1447540957213601%26dbm_c%3DAKAmf-CITxuulZj1ofyO_7ex6-xSng2N2I5WeGOcfgzDcSI9Y6sNVx62gsnvp76pzITebStB9h_rF7VLqqaKvEAN1eeevz0hFpd0OIPD9JB7tJqwwFamxN_ZFJADEFuO4pH-CzT-IVcy4CF_QTtV7B4CwQu2VCM9cHJ8D-gY9qJ1km-Uc_FWPsI%26cry%3D1%26dbm_d%3DAKAmf-CoEkWvAaV_IIC6UhoojpR1nCtm0ADYH1eJ9m0UvOcDtWQTEHKNu9dbLhlRiVL_vMEEEsrEyXo1sC3BhJXmfLn1DajBwHhpxZue2XrIMNEBfykTJ7LxcC5_FvAxYCRpaAgT0hzfZ3_BOvOvYlyUEFxdvbpiLdS4Pu8xvi6x3ew765bP3zeBZx05U8qdp8OT7o19FapZJdZU3HKeiCfJARbYfxSKRRFsFTGxtISrjUhLCsLszdVbUXXneQGwJcUNsIJ2wRPypVaqr1zzY3v98N4cVlx0xASgHgEXaaWPGYoZ4l0QX3ypmcPP1CQKBLRcOlhgwYT_Oth-5dg7FsJkYB3eWGXF_K2pqiez9S5d59UesmiULHbZ4JmlKOHkP62Ex5qUtLlMx5QZqqu-DgUoH2ckF2QMWC9Yap7aWvjLiP5K5ijKZXFNCAvfikB__ecsMiMWUPmD5fHzhNXRjId7ppfksLz9ebBq98JxAaIzJNpyrksYWTIHBVKBzT9eC_2xXOyXYji6jgsvJuIWUO8Y5fAdBdfRVX_-WP4pMgfHLpzekSByb-A%26adurl%3D$$&c=28&cn=display&pli=1078328944&gdpr=&gdpr_consent=&w=300&h=600&ord=[timestamp]&pcp=$$ABAjH0i8aUhOxRI-e8XXWjxJ5qOc$$&z=10000
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=6019623105&adk=760889125&adf=1610234907&pi=t.ma~as.6019623105&w=300&fwrn=4&fwrnh=100&lmt=1667546546&rafmt=12&format=300x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rh=600&rw=300&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667546546589&bpp=6&bdt=400&idt=247&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8521646978737&rume=1&frm=20&pv=1&ga_vid=285871355.1667546547&ga_sid=1667546547&ga_hid=1437577823&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070696%2C44775017%2C21066433%2C31061691%2C31061692&oid=2&pvsid=3389413474069721&tmod=928762567&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9Mt2Oq1bMv&p=https%3A//www.oferlo.com.ua&dtd=252
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.143.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-143-91.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8542472823c3db1c9fa9e4d6ad9192951d499dbad7db89cafa789d7f61627a3e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:28 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
content-length: 5336
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame 4B51 3 KB
1 KB 222ms
107ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:13:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 534
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Nov 2022 07:13:34 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame 4B51 17 KB
8 KB 169ms
53ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 14:27:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60876
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Nov 2022 14:27:52 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4B51 0
0 66ms
62ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRK5Lc3QcqRHU-akZWLiYwRXgbY4cqe8tMlHkX7rYEZ9Xvpydfzbw-GnuRZU3mvU0fBv_vCmif82DYwqw_NvAIHWL8GRA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=6019623105&adk=760889125&adf=1610234907&pi=t.ma~as.6019623105&w=300&fwrn=4&fwrnh=100&lmt=1667546546&rafmt=12&format=300x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rh=600&rw=300&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667546546589&bpp=6&bdt=400&idt=247&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8521646978737&rume=1&frm=20&pv=1&ga_vid=285871355.1667546547&ga_sid=1667546547&ga_hid=1437577823&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070696%2C44775017%2C21066433%2C31061691%2C31061692&oid=2&pvsid=3389413474069721&tmod=928762567&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9Mt2Oq1bMv&p=https%3A//www.oferlo.com.ua&dtd=252
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4B51 153 KB
47 KB 183ms
62ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e09a6d66cea44aed01cd3c0e4224d8ec505d0ef42af7a3184f6e7523bc5b462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47848
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667389194171289"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Nov 2022 07:22:28 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1A27 624 B
242 B 66ms
65ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3Y4tMCEIis7NsCGNSQ_dEBMAE&v=APEucNWxsi-vKdNw8wqTEJqZLYf-coHGg7LrK9fxvSNiklvSMm0-zR0gnWRuTMkjHyzF3Ic8Q6Jju84trIor_gtmIXev6QCT8Vu901erCV_DUwWUZRpL61ore3VifKEK1Q4LA7cZBCqEmLTOGOyIwIeppgLt8upq4qsrnt0ZPX7XPkIPlG3FgSo

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=6019623105&adk=760889125&adf=1610234907&pi=t.ma~as.6019623105&w=300&fwrn=4&fwrnh=100&lmt=1667546546&rafmt=12&format=300x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rh=600&rw=300&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667546546589&bpp=6&bdt=400&idt=247&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8521646978737&rume=1&frm=20&pv=1&ga_vid=285871355.1667546547&ga_sid=1667546547&ga_hid=1437577823&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070696%2C44775017%2C21066433%2C31061691%2C31061692&oid=2&pvsid=3389413474069721&tmod=928762567&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9Mt2Oq1bMv&p=https%3A//www.oferlo.com.ua&dtd=252
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 07:22:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4B51 28 KB
17 KB 91ms
91ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cd9ml2snjr0Fs2n8mvGc3HuhB17m35jfc48RwSRV3Kvmfg2UEZBBsRB5NrVxOwuXzSeha4_AbP3HsFFO5T-mNfVhlty5Hfk0WtUtOLz7OiJBEO7L34rFny0Td3vyilf80CruaZVvwX11CsqbJdXwaXEPkuZGES9Ho1Eiwd2u_CAmrpvu8&cry=1&dbm_d=AKAmf-BQSTfePDIk8jILe0LGkmVFRbYcQeOr48A5hdwDCGgpAo2WHQqVBzodWSl9M5_SkYx-Re7RZg_-8s_RiSRRpymiCLww1uY6mWQBEy5b3ApWoDwV5-VqXPrNsYO-bwCj7BGbecEDKx8SEVULCMxsi95-TBj18KUuwI6yeiFTa8e6J2d56O401vd1wfH71iqJLvtWWhFOxyT5e8xrql3JIGMwC_qDPbhTzuCeIsNxH0pnZ3cQVJUPa7xWdV8m830aZHd2s4DrJryqfcgidSnW5ytA2rM7whnwmA7Vg4HZSzJf3lhoJ7qiY6Gg5dBnNh-oM_DMU9mhn0SigWP9jbnG18hNr-KSeutJQwdZDr92gJ-lqQzqZnAZG69Aih1DSEh65Lu8ZFFf3jeehqV_i9jAZqnB8TUOlGbohJmx5Va5TFQaMCPr5gniPxeneQubHyg2tQMK1RTpU3EBOxXQo8w4IO4dV_OOovS0-VYo5q3mN2lKl_iSTWj-X4_zV6ASbL6Q0HhBH73vCSBSprf-rPKo6Ljh5ojmWyt3Vgu2AgPCJR958KxPfdKWzoCNNx1Z5RqG1YmkgVwuT0BtJblklD6LhtXSvA2BMS776t0Y-3Y3SO6QQOgtmmYu_Zmzq7SuNKA7To-3SC66cxnDRIMjuIgOr9rifW7y0M7Qywyt3zVVYgzUBtbiXqqY7Q1GKmrqFwqirTQAm_HH7Cso2EmI-N6-fHILvoG5i9qeneiH5CC8doilj_9_PBaTk1Uouu1YPTtIba_UO5XIvtgJd0j9uu87dEe_5Kfbaph5nFq0onlDAbr-80-n29fL8MWrz_sG1gAfcFvD0VQeRdk2-uevI72FRBQwm4UoJ5tnpegQJhkC76A0hsCmDlXXqh6ix0s9khvlGNj14EKHlOEoSLpYBzg6cDVfcC4Q4eVxfkd0QQGwf_0ZR6NUZhf57FvPVBZdtpAG0Nmy1Z6Ea1JjXWMskcy1hU3u8K8CINf2i_ANSJ7i14MrzpKn5VBB3HIiYuwobbFtl5-BzVG3_25x46D7k4AXIppfMpUSfkj4cBalOMUoOJCOa6gwPwkRUFArcNNh3r9n9zym7hA0KNvevjXzUw__Gkar4Xhj6ryvPWYDcJ0NFAHD4j1kkmUZPpjB6K3XooykkAQmdGd13RzfDqb2FdClYTPT1AIzEMA6tZoS3_UXNea1EGzvmkUM2ILnkO1hjQMuXlNG3PM7wVKxG4OALlcV9LunQdiBWalXAkgdEOsR8BQoWaWFseaBUDLxHs1KgRl4q8ZeB53K-BMJzmARsD6kqmY1spKarUq_tVjwbCgz9Op6fx98WCMEemtphqkWR5AX9GnM1tRUh_XtlbEARkGsApSJ1DCem8hOyuAd8ffq7DFOqcpatyCiF8mphDJAb8ydjVhA8_AE_5aobc0ueryR0A_dlBgfkx9WbFACn9GpBBmAgoSkeGkcK4Wunt0jwNkt6c0PxB4Aj72IAJ_wmrhZNTOA6beaTx4R3C1Yx90EmJvosJbfjAsLcjyDhrZKGnRG7Ied6_X4BkdjOikNx05JurQtHi36hATq-fJs8mj5tuFH9oLGgsQm9Q3-_WOCd4DxVEo-lB-v81GjTpZfae3trX9HlEGfjXdHpt1r0XVX1pk3BQhvqKHI-ns_Q8X5qMjw7RaYElP2xBdd3I-NJHV_ZhDraBCb2VhORD6yY2Ob5-FdIotvR8yyvEHo9Ml3lF1AuVSUfZh4OeNhVK6ph-69vUlYTgKAQtAr6vszH3PXDIjXN2ofVmkUwAQHyj6pWOVM1xuZDmpsw9VVM_GtI3cG6eIBz5WZa2OksfiZcR62Yk4zKeZkra4aYBQkhykbJ7eu_dpIw3CIdEVlijFU6KZ09V8eMnoqHYmp8bHUboO8CXZCD2prGnYGqQzPuVm2pw_-N8djic_yDhjYbob8mndL5HgdlAmVJ86h0rL2JFv8tvhruh-4fGfqbRadnL4CMcizKT_7PYeCpRPXMoFP3KYz2f0WvkIE_-pV4O_KXBKbCVLJ666kMznK9UrfnQDW2AguGQxgwTalcrLaHvUS0Lzh9Sh765zRC-5bb1Qmk0msz9s2YocFMnoBxgEOeSREmozV1wvlzEopBxYfIdF_3EYFAuqz3apbLPgnInrtxm89GwdFdU3R_DUFsSY5djvk8JO8eywtnhnjVT67_uo7F1v93RuQWdLphhzJuxBPfQ-SBPd1QW_ZfIaGaSFQxQ2_V2vCboHrAFWdZyu0-CpwoNPNBmwMwPNRAC9mP2WCpEPFoUI_tBK9DqjZbqdUJRFBkLnqE8_2m8Z0FPnjaptjzzt9bONRpDdSX4FzUuVTVHS2VtIZFJf8lmZ0M9Eb-bveHyJZpT4KkG3ejj_5E1bbsvG3mASf8mr27VEW-rtnu9QpRfSHhZDoOYUw33P7BcTHZLooacYvx60FMfHRJZ-ZuusM9Cmij_E2LxVa_7MrWyokPVxrYSPpiFA9uABpo4eV49ouag_QQffDhuOHUGNIE6DqvueFEQC8J_cQyVZJSfqvc8WRRE6jmRHbBQ0DbvHpK-2WUoUvweTKPEDLw8mGIwRDtlrFkKYHT-WfaZ7UekUbiVDNQMcnzCknF7j5cXFOgMv2FMLObm4iLnsWahQupYtRpsFP-q8bfh-CwKXrYi21QkwteCVfIVUjxPW_bo5LbLIYBd8xNN0D-Lp8RQ6mp_6sM0Sb1vhDqvrbudANzYg-KTQCHcIniGY-MGhpoSZQXmHZLKl7dvnFnKCan9tsf6vDGzEHynWyo0DKlSFD0i0R_Xwb4pCAKO6LSWwv7Q5u2D2390XDhxKQ_AwfY9_PwKEyaOZfII94ugIe6hZTAifZE5E3SzIlHiPcofGiRbBqv6A5WKsEVRj54-aGmavf3TBsbZwMMGyaNK41MA6eEqX565WRKTo4jR92G7jj7m85024BdOcqKmoapJUP2OD7orjqjrjn-av-8yy7ZwlUyclXSCqw0FlXnl8ZaDTZJqp6H8FBUzTZnI-iz2wF7wi6Fk75NhDkAqGp0OgQPE9C_VrjXLSSXtOZbcW9ESJul4G5aeLYOyE0CjZ-4rUYEHSUO1uDD4eGnn95mDMVoW_C-Q4SXV-lidJcupTf5wB7WLn6ZQURFj5cyKe1hKYz-QCKHOPd2WbXP3j0Jky2UnW05EXDHKGWU4OUHxb9iuK-rFF1SoWaXZfMaSrXlgF181K6nQ4CDhI060GzM1dHzsoT8S5J_27yJ0Me8OtT6R12zO_biJh2aNnYSjvLx8pCBIorGpUUn3apOKw68vV6gM1dMK5d9rAlqGERYKkV4a-tQM8jl0fxmhkHYn3A-FiNlZ5-ieodQTBr0REI2-SakE78nHY80IMMS1kWfTpSCpi4Px3TCTYSXUF6Mc0b&cid=CAQSKQDq26N9rpYO2hhMYCQuiDGLjEcjH4aTqLpoYxttQ5AuR-Q1r7M1sU_vGAEgDg&rfl=1%2Chttps%253A%252F%252Fwww.oferlo.com.ua%252F%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1bcb2d569af95812adebc17ca1687da91f9d90ff225d282ad697c03e1cf65028

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=6019623105&adk=760889125&adf=1610234907&pi=t.ma~as.6019623105&w=300&fwrn=4&fwrnh=100&lmt=1667546546&rafmt=12&format=300x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rh=600&rw=300&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667546546589&bpp=6&bdt=400&idt=247&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8521646978737&rume=1&frm=20&pv=1&ga_vid=285871355.1667546547&ga_sid=1667546547&ga_hid=1437577823&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070696%2C44775017%2C21066433%2C31061691%2C31061692&oid=2&pvsid=3389413474069721&tmod=928762567&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9Mt2Oq1bMv&p=https%3A//www.oferlo.com.ua&dtd=252
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16875
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/25/ 1 KB
2 KB 138ms
137ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/25/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4253f77b0d96cf34bfcc0c2f8ade40886e3a60e5fd6d6531a66c848456437b03

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:28 GMT
cf-cache-status: HIT
last-modified: Tue, 27 Jul 2021 19:28:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rgUSOgQQUh%2F5dnEe2jwZU%2F3amXGmv1JMpyblU3UvKwiEDrIXRjqPj4AhnK3y2TmyCxkPjXvDortTRQpTZMHb80E5cOfkHIxfcMr7QRna6pCx8l6j34Z9xvF1abDAYwI4lFa7U4RHvzh8fHj1mEWWOZquC%2F8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 764b9947e946f41f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1038
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/26/ 462 B
967 B 138ms
137ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/26/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 710cf1f76557948352e0a3bfdfbb71197ba6a984c9b73cb557f4a654113d7b70

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:28 GMT
cf-cache-status: HIT
last-modified: Wed, 07 Apr 2021 12:28:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IyaDJw9Dxp8HTmQ%2B%2FnLM8rCn6eXkhg9briGul2bETaK2hu5RhXsyUeLrviJBCz6iijJkDbqBu33mvJzbKTtGAcgfUKqN0gaUYAznIaHiivF7JeAdCkTeAUsO6nvcMGYGs0%2Bjly3ZUKDL5Mp7K92AR3s7s5g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 764b9947e948f41f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 462
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/38/ 548 B
1 KB 138ms
137ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/38/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d15f85d0aa8fe49a0ba11e1bcd2c4ad286c0ab1bc0452dec8c2fec9a446a6caf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:28 GMT
cf-cache-status: HIT
last-modified: Fri, 09 Apr 2021 06:58:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UUsiv0J5tzseXWV6Mov16xvoVJJgToky11mZOXFeVfgeQe%2BlMH91%2F1Ft9bKT69mcZ8qL0kcZPAuFfEIuZ%2FbUsMQ%2FYCuqy%2FkBusVeuO1C0yQHYfWdO9Xza0Ar6z294%2BDKxYFYOLesbeAmLT3CeM5Chn7huyc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 764b9947e949f41f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 548
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/39/ 552 B
1 KB 138ms
137ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/39/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97992093717fde367507473ba78c48117095bdd5eac32fa9b9c8144aa768e4d2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:28 GMT
cf-cache-status: HIT
last-modified: Fri, 09 Apr 2021 06:58:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vM1fntIaAyLDZ3LMtV10rn%2FvqzasUP14D6pne9m0coWfOSxoymjO4ClzcQM7pIENNJAaWeUw0yiW0z%2BeMZ%2B7ZM6rtSE0kFasxfUgfTzXVN0ZUmwmof3HlQF17dRYeu9e5831KBoIhFX6Zb3nyNnLYB2aS2U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 764b9947e94af41f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 552
expires: 31556926

GET
H3 200 logo_ss.webp
eu001.leafletscdns.com/com.ua/data/37/ 568 B
1 KB 138ms
138ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu001.leafletscdns.com/com.ua/data/37/logo_ss.webp
Requested by: Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4f2d2cce0c47e7d116589c641a59f0ed79aa7db34f2e96257c7b4deadafcc2c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:28 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Jul 2022 03:36:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4J8Ca2UM81a2f7z%2B9H2RzrUDoUFyQcfMf7Ce1JfCcjuEYrQmgauwQhjGDJPkspQSKBzVkDV1Tg3h2x8904xuJzIML31H12iLkYLpuKrb7y7ic3bKnVfC0hnETXN90nScj8Vo8fFgXbeDzgDWh7dAiudcJ3o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 764b9947e94bf41f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1A27
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAs2rmEKvQOhew1yORdYGu0&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAs2rmEKvQOhew1yORdYGu0&google_cver=1&C=1

43 B
766 B

102ms
58ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAs2rmEKvQOhew1yORdYGu0&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3Y4tMCEIis7NsCGNSQ_dEBMAE&v=APEucNWxsi-vKdNw8wqTEJqZLYf-coHGg7LrK9fxvSNiklvSMm0-zR0gnWRuTMkjHyzF3Ic8Q6Jju84trIor_gtmIXev6QCT8Vu901erCV_DUwWUZRpL61ore3VifKEK1Q4LA7cZBCqEmLTOGOyIwIeppgLt8upq4qsrnt0ZPX7XPkIPlG3FgSo
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Nov 2022 07:22:28 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 04 Nov 2022 07:22:28 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEAs2rmEKvQOhew1yORdYGu0&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1A27
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y2S9tB80jk0QzFvsN.l4CgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAs2rmEKvQOhew1yORdYGu0&google_cver=1&google_hm=2

43 B
766 B

59ms
58ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAs2rmEKvQOhew1yORdYGu0&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3Y4tMCEIis7NsCGNSQ_dEBMAE&v=APEucNWxsi-vKdNw8wqTEJqZLYf-coHGg7LrK9fxvSNiklvSMm0-zR0gnWRuTMkjHyzF3Ic8Q6Jju84trIor_gtmIXev6QCT8Vu901erCV_DUwWUZRpL61ore3VifKEK1Q4LA7cZBCqEmLTOGOyIwIeppgLt8upq4qsrnt0ZPX7XPkIPlG3FgSo
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Nov 2022 07:22:28 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAs2rmEKvQOhew1yORdYGu0&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 1A27
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPYT_9lA1Zu2RuwyYvd3yEE&google_cver=1

43 B
1016 B

81ms
59ms

Image
image/gif

37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPYT_9lA1Zu2RuwyYvd3yEE&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3Y4tMCEIis7NsCGNSQ_dEBMAE&v=APEucNWxsi-vKdNw8wqTEJqZLYf-coHGg7LrK9fxvSNiklvSMm0-zR0gnWRuTMkjHyzF3Ic8Q6Jju84trIor_gtmIXev6QCT8Vu901erCV_DUwWUZRpL61ore3VifKEK1Q4LA7cZBCqEmLTOGOyIwIeppgLt8upq4qsrnt0ZPX7XPkIPlG3FgSo

Protocol

HTTP/1.1

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Nov 2022 07:22:28 GMT
AN-X-Request-Uuid: 7154fd0b-62bb-4060-98b9-b9212b2075af
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.41; 82.199.130.41; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPYT_9lA1Zu2RuwyYvd3yEE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1A27
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU2MzA5MDY2ODM5MzcyOTI2NA%3D%3D

170 B
188 B

173ms
65ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU2MzA5MDY2ODM5MzcyOTI2NA%3D%3D

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 04 Nov 2022 07:22:28 GMT
AN-X-Request-Uuid: daa2bc5b-6484-4245-8abd-89453c9dc418
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU2MzA5MDY2ODM5MzcyOTI2NA%3D%3D
Connection: keep-alive
X-Proxy-Origin: 82.199.130.41; 82.199.130.41; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221027/r20110914/ Frame 4B51 30 KB
11 KB 56ms
53ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221027/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cd9ml2snjr0Fs2n8mvGc3HuhB17m35jfc48RwSRV3Kvmfg2UEZBBsRB5NrVxOwuXzSeha4_AbP3HsFFO5T-mNfVhlty5Hfk0WtUtOLz7OiJBEO7L34rFny0Td3vyilf80CruaZVvwX11CsqbJdXwaXEPkuZGES9Ho1Eiwd2u_CAmrpvu8&cry=1&dbm_d=AKAmf-BQSTfePDIk8jILe0LGkmVFRbYcQeOr48A5hdwDCGgpAo2WHQqVBzodWSl9M5_SkYx-Re7RZg_-8s_RiSRRpymiCLww1uY6mWQBEy5b3ApWoDwV5-VqXPrNsYO-bwCj7BGbecEDKx8SEVULCMxsi95-TBj18KUuwI6yeiFTa8e6J2d56O401vd1wfH71iqJLvtWWhFOxyT5e8xrql3JIGMwC_qDPbhTzuCeIsNxH0pnZ3cQVJUPa7xWdV8m830aZHd2s4DrJryqfcgidSnW5ytA2rM7whnwmA7Vg4HZSzJf3lhoJ7qiY6Gg5dBnNh-oM_DMU9mhn0SigWP9jbnG18hNr-KSeutJQwdZDr92gJ-lqQzqZnAZG69Aih1DSEh65Lu8ZFFf3jeehqV_i9jAZqnB8TUOlGbohJmx5Va5TFQaMCPr5gniPxeneQubHyg2tQMK1RTpU3EBOxXQo8w4IO4dV_OOovS0-VYo5q3mN2lKl_iSTWj-X4_zV6ASbL6Q0HhBH73vCSBSprf-rPKo6Ljh5ojmWyt3Vgu2AgPCJR958KxPfdKWzoCNNx1Z5RqG1YmkgVwuT0BtJblklD6LhtXSvA2BMS776t0Y-3Y3SO6QQOgtmmYu_Zmzq7SuNKA7To-3SC66cxnDRIMjuIgOr9rifW7y0M7Qywyt3zVVYgzUBtbiXqqY7Q1GKmrqFwqirTQAm_HH7Cso2EmI-N6-fHILvoG5i9qeneiH5CC8doilj_9_PBaTk1Uouu1YPTtIba_UO5XIvtgJd0j9uu87dEe_5Kfbaph5nFq0onlDAbr-80-n29fL8MWrz_sG1gAfcFvD0VQeRdk2-uevI72FRBQwm4UoJ5tnpegQJhkC76A0hsCmDlXXqh6ix0s9khvlGNj14EKHlOEoSLpYBzg6cDVfcC4Q4eVxfkd0QQGwf_0ZR6NUZhf57FvPVBZdtpAG0Nmy1Z6Ea1JjXWMskcy1hU3u8K8CINf2i_ANSJ7i14MrzpKn5VBB3HIiYuwobbFtl5-BzVG3_25x46D7k4AXIppfMpUSfkj4cBalOMUoOJCOa6gwPwkRUFArcNNh3r9n9zym7hA0KNvevjXzUw__Gkar4Xhj6ryvPWYDcJ0NFAHD4j1kkmUZPpjB6K3XooykkAQmdGd13RzfDqb2FdClYTPT1AIzEMA6tZoS3_UXNea1EGzvmkUM2ILnkO1hjQMuXlNG3PM7wVKxG4OALlcV9LunQdiBWalXAkgdEOsR8BQoWaWFseaBUDLxHs1KgRl4q8ZeB53K-BMJzmARsD6kqmY1spKarUq_tVjwbCgz9Op6fx98WCMEemtphqkWR5AX9GnM1tRUh_XtlbEARkGsApSJ1DCem8hOyuAd8ffq7DFOqcpatyCiF8mphDJAb8ydjVhA8_AE_5aobc0ueryR0A_dlBgfkx9WbFACn9GpBBmAgoSkeGkcK4Wunt0jwNkt6c0PxB4Aj72IAJ_wmrhZNTOA6beaTx4R3C1Yx90EmJvosJbfjAsLcjyDhrZKGnRG7Ied6_X4BkdjOikNx05JurQtHi36hATq-fJs8mj5tuFH9oLGgsQm9Q3-_WOCd4DxVEo-lB-v81GjTpZfae3trX9HlEGfjXdHpt1r0XVX1pk3BQhvqKHI-ns_Q8X5qMjw7RaYElP2xBdd3I-NJHV_ZhDraBCb2VhORD6yY2Ob5-FdIotvR8yyvEHo9Ml3lF1AuVSUfZh4OeNhVK6ph-69vUlYTgKAQtAr6vszH3PXDIjXN2ofVmkUwAQHyj6pWOVM1xuZDmpsw9VVM_GtI3cG6eIBz5WZa2OksfiZcR62Yk4zKeZkra4aYBQkhykbJ7eu_dpIw3CIdEVlijFU6KZ09V8eMnoqHYmp8bHUboO8CXZCD2prGnYGqQzPuVm2pw_-N8djic_yDhjYbob8mndL5HgdlAmVJ86h0rL2JFv8tvhruh-4fGfqbRadnL4CMcizKT_7PYeCpRPXMoFP3KYz2f0WvkIE_-pV4O_KXBKbCVLJ666kMznK9UrfnQDW2AguGQxgwTalcrLaHvUS0Lzh9Sh765zRC-5bb1Qmk0msz9s2YocFMnoBxgEOeSREmozV1wvlzEopBxYfIdF_3EYFAuqz3apbLPgnInrtxm89GwdFdU3R_DUFsSY5djvk8JO8eywtnhnjVT67_uo7F1v93RuQWdLphhzJuxBPfQ-SBPd1QW_ZfIaGaSFQxQ2_V2vCboHrAFWdZyu0-CpwoNPNBmwMwPNRAC9mP2WCpEPFoUI_tBK9DqjZbqdUJRFBkLnqE8_2m8Z0FPnjaptjzzt9bONRpDdSX4FzUuVTVHS2VtIZFJf8lmZ0M9Eb-bveHyJZpT4KkG3ejj_5E1bbsvG3mASf8mr27VEW-rtnu9QpRfSHhZDoOYUw33P7BcTHZLooacYvx60FMfHRJZ-ZuusM9Cmij_E2LxVa_7MrWyokPVxrYSPpiFA9uABpo4eV49ouag_QQffDhuOHUGNIE6DqvueFEQC8J_cQyVZJSfqvc8WRRE6jmRHbBQ0DbvHpK-2WUoUvweTKPEDLw8mGIwRDtlrFkKYHT-WfaZ7UekUbiVDNQMcnzCknF7j5cXFOgMv2FMLObm4iLnsWahQupYtRpsFP-q8bfh-CwKXrYi21QkwteCVfIVUjxPW_bo5LbLIYBd8xNN0D-Lp8RQ6mp_6sM0Sb1vhDqvrbudANzYg-KTQCHcIniGY-MGhpoSZQXmHZLKl7dvnFnKCan9tsf6vDGzEHynWyo0DKlSFD0i0R_Xwb4pCAKO6LSWwv7Q5u2D2390XDhxKQ_AwfY9_PwKEyaOZfII94ugIe6hZTAifZE5E3SzIlHiPcofGiRbBqv6A5WKsEVRj54-aGmavf3TBsbZwMMGyaNK41MA6eEqX565WRKTo4jR92G7jj7m85024BdOcqKmoapJUP2OD7orjqjrjn-av-8yy7ZwlUyclXSCqw0FlXnl8ZaDTZJqp6H8FBUzTZnI-iz2wF7wi6Fk75NhDkAqGp0OgQPE9C_VrjXLSSXtOZbcW9ESJul4G5aeLYOyE0CjZ-4rUYEHSUO1uDD4eGnn95mDMVoW_C-Q4SXV-lidJcupTf5wB7WLn6ZQURFj5cyKe1hKYz-QCKHOPd2WbXP3j0Jky2UnW05EXDHKGWU4OUHxb9iuK-rFF1SoWaXZfMaSrXlgF181K6nQ4CDhI060GzM1dHzsoT8S5J_27yJ0Me8OtT6R12zO_biJh2aNnYSjvLx8pCBIorGpUUn3apOKw68vV6gM1dMK5d9rAlqGERYKkV4a-tQM8jl0fxmhkHYn3A-FiNlZ5-ieodQTBr0REI2-SakE78nHY80IMMS1kWfTpSCpi4Px3TCTYSXUF6Mc0b&cid=CAQSKQDq26N9rpYO2hhMYCQuiDGLjEcjH4aTqLpoYxttQ5AuR-Q1r7M1sU_vGAEgDg&rfl=1%2Chttps%253A%252F%252Fwww.oferlo.com.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac32377ae624ac720172de6cd59d7fad67c0c78fe658c7a7b2b43be14b9d74ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 21:56:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33938
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11484
x-xss-protection: 0
server: cafe
etag: 16485072225624805710
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Nov 2022 21:56:50 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4B51 41 KB
15 KB 65ms
59ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 12:01:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156056
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 12:01:32 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F66E 22 KB
8 KB 163ms
53ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 156055
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 02 Nov 2022 12:01:33 GMT
expires: Thu, 02 Nov 2023 12:01:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ebStdBanner.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_227_3_0/ Frame 4B51 222 KB
64 KB 196ms
56ms Script
application/javascript 95.101.54.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_227_3_0/ebStdBanner.js
Requested by: Host: bs.serving-sys.com
URL: https://bs.serving-sys.com/Serving/adServer.bs?ncu=$$https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCYSais71kY6viEoWAmwfopriwDr7TrJls3IXcksEQZBABIOz4qCNglQLIAQmoAwGqBPoBT9B-b7LihV9GitJcqHGnfVTiwHN097fFmZ6_3px8VFJt9PP20_NOn3-6VemkQ4cj5pHY3DKj0O781un13dzRSLT3cXmXKBgFoIy6WJmc4CikFdXPZ_GQorhFRQWURWC38NysVvfkQ5K9tF2BoVHUwC-Lxlkh5g1i73pwKsOUV-FR2eFqXy7wyWR1rtZDzTGs9JTIxpEhMhr7LSb_gVKfNZ2EswyYhiXuMsOOYpedBVDOI38H4tH2DkzjCZBl7RcwS_LMtaDlD-ZTwSriuvuisHCqvx9xmE8p64qYmh8VNPsK9fBqsBlhsYZ9iOu6ntxiw33cyCnR8oLZc8AE-YC_jYkE4AQDkAYBoAZNgAe87vraAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAZgLAcgLAYAMAbATzKXgENgTCtgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSKQDq26N9rpYO2hhMYCQuiDGLjEcjH4aTqLpoYxttQ5AuR-Q1r7M1sU_vGAEgDg%26sig%3DAOD64_2KdFoZ-r8n_la1V3DR_9b1VRqKOw%26client%3Dca-pub-1447540957213601%26dbm_c%3DAKAmf-CITxuulZj1ofyO_7ex6-xSng2N2I5WeGOcfgzDcSI9Y6sNVx62gsnvp76pzITebStB9h_rF7VLqqaKvEAN1eeevz0hFpd0OIPD9JB7tJqwwFamxN_ZFJADEFuO4pH-CzT-IVcy4CF_QTtV7B4CwQu2VCM9cHJ8D-gY9qJ1km-Uc_FWPsI%26cry%3D1%26dbm_d%3DAKAmf-CoEkWvAaV_IIC6UhoojpR1nCtm0ADYH1eJ9m0UvOcDtWQTEHKNu9dbLhlRiVL_vMEEEsrEyXo1sC3BhJXmfLn1DajBwHhpxZue2XrIMNEBfykTJ7LxcC5_FvAxYCRpaAgT0hzfZ3_BOvOvYlyUEFxdvbpiLdS4Pu8xvi6x3ew765bP3zeBZx05U8qdp8OT7o19FapZJdZU3HKeiCfJARbYfxSKRRFsFTGxtISrjUhLCsLszdVbUXXneQGwJcUNsIJ2wRPypVaqr1zzY3v98N4cVlx0xASgHgEXaaWPGYoZ4l0QX3ypmcPP1CQKBLRcOlhgwYT_Oth-5dg7FsJkYB3eWGXF_K2pqiez9S5d59UesmiULHbZ4JmlKOHkP62Ex5qUtLlMx5QZqqu-DgUoH2ckF2QMWC9Yap7aWvjLiP5K5ijKZXFNCAvfikB__ecsMiMWUPmD5fHzhNXRjId7ppfksLz9ebBq98JxAaIzJNpyrksYWTIHBVKBzT9eC_2xXOyXYji6jgsvJuIWUO8Y5fAdBdfRVX_-WP4pMgfHLpzekSByb-A%26adurl%3D$$&c=28&cn=display&pli=1078328944&gdpr=&gdpr_consent=&w=300&h=600&ord=[timestamp]&pcp=$$ABAjH0i8aUhOxRI-e8XXWjxJ5qOc$$&z=10000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.54.200 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-54-200.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8ec5bd4e68091bb43fe87be05228cbc56e134f25555c71914b9bca20dd83fb94

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:28 GMT
content-encoding: gzip
last-modified: Wed, 28 Sep 2022 12:41:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C3
etag: W/"a2b1e8cb4e5cadc1e33fd7ff33b4c24f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1684739
accept-ranges: bytes
x-amz-cf-id: 5nT5aSs_-Uxm3qvuJti5vFeQ67V8e_txMRbe859FyY6XUzFHFI3XpQ==
content-length: 65243

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7842 1 KB
643 B 54ms
53ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 52931
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 16:40:17 GMT
etag: 48472445140208031
expires: Fri, 04 Nov 2022 16:40:17 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4B51 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc7d17681dbd69473d4e1a68584f2137f4be53484139e8dd0d307cfb08fcaab3

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 7842 35 B
463 B 195ms
63ms Image
image/gif 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJruQju4uahwrUmoOoWJSrI&google_cver=1&google_push=AZmPxg9wM-VadZTkB_gliFkIHeqNl0DQ6bjhVXLTFnYPld23JpmJwwd7QQ0btXZ_o3OgJIEUGWhxqfB3e6h60CKTY1iTlbEe8H4

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:28 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7842
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg8qpGwtrrde1b1KbD7KRGPnLGnC4qDTbGDj6bJk6NEJflZ0E5YwVnvzTlzZsIHJWwu6HhXErr8adFyml59w7tdMa5tl1Ok&google_gid=CAESEBy1q07QB4paFI-19JPtPCA&goog...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCLT7kpsGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BWm1QeGc4cXBHd3RycmRlMWIxS2JEN0tSR1BuTEduQzRxRFRiR0RqNmJKazZORUpmbFowRTVZd1ZudnpUbHpac0lISld3dTZIaFhFcnI4YWRGeW1sNT...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwejkzeFRkLVpvVmhza2Z3b3JsX1Vmbjh2ZUlNd0xVWi1RNFpxdksyU1ROVQ==&google_push

170 B
188 B

67ms
67ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwejkzeFRkLVpvVmhza2Z3b3JsX1Vmbjh2ZUlNd0xVWi1RNFpxdksyU1ROVQ==&google_push

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 04 Nov 2022 07:22:29 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwejkzeFRkLVpvVmhza2Z3b3JsX1Vmbjh2ZUlNd0xVWi1RNFpxdksyU1ROVQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7842
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg8kMFjR...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg8kMFjR...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMDQwNzIyMjkwMDAxMzU3NDc1NDA2OA%3D%3D&google_push=AZmPxg8kMFjR2kjODL1jA6k6rZdZY90ckJ3PeA2ONxRQ055__04UQTNrnOMF6Fbkh48LYX...

170 B
188 B

65ms
65ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMDQwNzIyMjkwMDAxMzU3NDc1NDA2OA%3D%3D&google_push=AZmPxg8kMFjR2kjODL1jA6k6rZdZY90ckJ3PeA2ONxRQ055__04UQTNrnOMF6Fbkh48LYXvy6gcKR5UmpuDHfEJM1GE3EsV10UI

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMDQwNzIyMjkwMDAxMzU3NDc1NDA2OA%3D%3D&google_push=AZmPxg8kMFjR2kjODL1jA6k6rZdZY90ckJ3PeA2ONxRQ055__04UQTNrnOMF6Fbkh48LYXvy6gcKR5UmpuDHfEJM1GE3EsV10UI
pragma: no-cache
date: Fri, 04 Nov 2022 07:22:29 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Fri, 04 Nov 2022 07:22:29 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 7842 43 B
350 B 178ms
63ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEALc9Lz44aeyXWrxBTz6yqc&google_cver=1&google_push=AZmPxg--l8bwRL7KbeFvd6c5gWMI-60iJ4t8dHoJO5HSou0jDXzpNTU659h8n7V2BEQkkS-7cITijFfuVqJys6gj4quWxeT0gXk
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=6019623105&adk=760889125&adf=1610234907&pi=t.ma~as.6019623105&w=300&fwrn=4&fwrnh=100&lmt=1667546546&rafmt=12&format=300x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rh=600&rw=300&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667546546589&bpp=6&bdt=400&idt=247&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8521646978737&rume=1&frm=20&pv=1&ga_vid=285871355.1667546547&ga_sid=1667546547&ga_hid=1437577823&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070696%2C44775017%2C21066433%2C31061691%2C31061692&oid=2&pvsid=3389413474069721&tmod=928762567&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9Mt2Oq1bMv&p=https%3A//www.oferlo.com.ua&dtd=252
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:28 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 301m0srudf33ls8k355aaherugo91shk

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7842
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Qxn6Eh52Q_-s728anBpd-g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

65ms
65ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Qxn6Eh52Q_-s728anBpd-g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg-f2fXDOiLqFAIaIqFHbPHPpXp4_wrz8UF5UcMyipaKudsGZToQgxzhKjlR7BHOyNvER8BUDL5Houxgl7XQa3hH9V6kGw

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Qxn6Eh52Q_-s728anBpd-g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg-f2fXDOiLqFAIaIqFHbPHPpXp4_wrz8UF5UcMyipaKudsGZToQgxzhKjlR7BHOyNvER8BUDL5Houxgl7XQa3hH9V6kGw
date: Fri, 04 Nov 2022 07:22:28 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7842
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBLnlPzzjZyhnYcRdJSf-og&google_cver=1&google_push=AZmPxg8oR_JSOrH_q-ZAPg90YSXJKrX68s1-ZpN0qKy9AmAtSrTl4xlVqsIJyZwjNE-5T5d2Olx...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEyNjVSWkEtMVctQlIyVw==&google_push=AZmPxg8oR_JSOrH_q-ZAPg90YSXJKrX68s1-ZpN0qKy9AmAtSrTl4xlVqsIJyZwjNE-5T5d2OlxZxijpQiHAfZkYslv3Sb4afos

170 B
188 B

63ms
63ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEyNjVSWkEtMVctQlIyVw==&google_push=AZmPxg8oR_JSOrH_q-ZAPg90YSXJKrX68s1-ZpN0qKy9AmAtSrTl4xlVqsIJyZwjNE-5T5d2OlxZxijpQiHAfZkYslv3Sb4afos

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEyNjVSWkEtMVctQlIyVw==&google_push=AZmPxg8oR_JSOrH_q-ZAPg90YSXJKrX68s1-ZpN0qKy9AmAtSrTl4xlVqsIJyZwjNE-5T5d2OlxZxijpQiHAfZkYslv3Sb4afos
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7842
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKA6POVixnpEKHq7081wh-k&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKA6POVixnpEKHq7081wh-k&google_hm=Y2S9tB80jk0QzFvsN-l4CgAADRQAAAAB&google_nid=index&google_push=AZmPxg8pmwvubzjg3vY5c_N39E_rM43fMDxAG...

170 B
188 B

63ms
63ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKA6POVixnpEKHq7081wh-k&google_hm=Y2S9tB80jk0QzFvsN-l4CgAADRQAAAAB&google_nid=index&google_push=AZmPxg8pmwvubzjg3vY5c_N39E_rM43fMDxAGK5Pnryd0l63lhyj3iW8PlVvBBxWY5yTspgPNjZ2qsNAMauOw_S4PfXYsA81UA

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nUBiEyGSmcQZflAf2XqXcJJI1pr%2B9TM9y4CgcE4n87yxvBtw23s780LqGIZV6oQZbgzztkveQLtxWMxVyXFhi53bV23KC3iDn1%2FxLYwHtoRm9PNhKlOR6eSRaqbciqXE%2B9BSsBLR43TCcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKA6POVixnpEKHq7081wh-k&google_hm=Y2S9tB80jk0QzFvsN-l4CgAADRQAAAAB&google_nid=index&google_push=AZmPxg8pmwvubzjg3vY5c_N39E_rM43fMDxAGK5Pnryd0l63lhyj3iW8PlVvBBxWY5yTspgPNjZ2qsNAMauOw_S4PfXYsA81UA
cache-control: no-cache
cf-ray: 764b994a88b17726-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 7842 0
12 B 156ms
61ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KkVSecJGwL6QKMIRKtIcqT8rYYVC63gbL-MORzcKmXIaAEY0wKeeM7ggTKzenYhATwgi25

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:28 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js Show response
pagead2.googlesyndication.com/bg/ Frame F66E 36 KB
16 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 05:46:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16061
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 05:46:57 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211010101/ 150 KB
51 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211010101/reactive_library_fy2021.js?bust=31070696

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29a66c2f241cda2f1589a9d646bf7988951fc01253b868715cb84e65bedf8ef9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52154
x-xss-protection: 0
server: cafe
etag: 6864927924880749178
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Nov 2022 07:22:28 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 109ms
108ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=8&c=ca-pub-1447540957213601&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070696%2C44775017%2C21066433%2C31061691%2C31061692

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 URLUtil.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_94_0_0/ Frame 4B51 7 KB
2 KB 56ms
56ms Script
application/javascript 95.101.54.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_94_0_0/URLUtil.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_227_3_0/ebStdBanner.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.54.200 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-54-200.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 269bd69d6c1d25e848132ecfb48ec214040e49fd45e444760c3e226ca5fd7962

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:28 GMT
content-encoding: gzip
last-modified: Wed, 28 Sep 2022 12:41:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-P1
etag: W/"5ac70b83663a79f3a383c3a53f62eafd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1684672
accept-ranges: bytes
x-amz-cf-id: N7U_5TQljkTAjB0s571zPYY9zxP8FeZV5koYaKi2bMNDeGL75geMDQ==
content-length: 1947

GET
H2 200 Amazon%20-%20TA_DE_Apprenticeship_Awareness_Tomorrow_2022_23_SKU1866_DADVON303914B%20-%20Jennifer2%20-%20300x600_73255889671301944.jpg
secure-ds.serving-sys.com/resources/PROD/asset/119359/IMAGE/20220825/ Frame 4B51 133 KB
134 KB 68ms
67ms Image
image/jpeg 95.101.54.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/resources/PROD/asset/119359/IMAGE/20220825/Amazon%20-%20TA_DE_Apprenticeship_Awareness_Tomorrow_2022_23_SKU1866_DADVON303914B%20-%20Jennifer2%20-%20300x600_73255889671301944.jpg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=6019623105&adk=760889125&adf=1610234907&pi=t.ma~as.6019623105&w=300&fwrn=4&fwrnh=100&lmt=1667546546&rafmt=12&format=300x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rh=600&rw=300&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667546546589&bpp=6&bdt=400&idt=247&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8521646978737&rume=1&frm=20&pv=1&ga_vid=285871355.1667546547&ga_sid=1667546547&ga_hid=1437577823&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070696%2C44775017%2C21066433%2C31061691%2C31061692&oid=2&pvsid=3389413474069721&tmod=928762567&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9Mt2Oq1bMv&p=https%3A//www.oferlo.com.ua&dtd=252
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.54.200 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-54-200.deploy.static.akamaitechnologies.com
Software: ATS/7.1.0 /
Resource Hash: 0231177748b4424384268858d78d39c01123522edf57b5b10a76b1c404ec1326

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: JV0Jk_FN40gzgPdQXZO.ukrydxWRJMlm
date: Fri, 04 Nov 2022 07:22:28 GMT
last-modified: Thu, 25 Aug 2022 13:24:16 GMT
server: ATS/7.1.0
x-amz-request-id: PBB8YDXMYD9MXGFD
etag: "84d87e942b445dc588cc95aaf8a91db4"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 136684
x-amz-id-2: NH60pzVxbKp0PKf9ykE5WRKLLHNZswVcR3zx6Z9CjhLv1Obw/tIS+88B+Kv2HPSPmB+e7twG2c0=
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H2 200 OBA.png
secure-ds.serving-sys.com/BurstingCachedScripts/Res/Images_2_6_4_0//AdChoice/TopRight/ Frame 4B51 1 KB
2 KB 58ms
58ms Image
image/png 95.101.54.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/Res/Images_2_6_4_0//AdChoice/TopRight/OBA.png
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=6019623105&adk=760889125&adf=1610234907&pi=t.ma~as.6019623105&w=300&fwrn=4&fwrnh=100&lmt=1667546546&rafmt=12&format=300x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rh=600&rw=300&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667546546589&bpp=6&bdt=400&idt=247&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8521646978737&rume=1&frm=20&pv=1&ga_vid=285871355.1667546547&ga_sid=1667546547&ga_hid=1437577823&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070696%2C44775017%2C21066433%2C31061691%2C31061692&oid=2&pvsid=3389413474069721&tmod=928762567&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9Mt2Oq1bMv&p=https%3A//www.oferlo.com.ua&dtd=252
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.54.200 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-54-200.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 6ef81d1a436e54449d094e62ad44dc82221a1c752069947e0a2c071b49a9c701

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:28 GMT
last-modified: Wed, 22 Dec 2021 10:52:10 GMT
server: AmazonS3
x-amz-cf-pop: IAD66-C2
etag: "31463dfa117c756dc021835384e93387"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1411
x-amz-cf-id: yD7hxnHKmTUA34cFN4AOF7t1O_CHtUdCK9VfTT2iKXFHj2P2DDgvDw==

GET
H2 200 OBA_DEFAULT.png
secure-ds.serving-sys.com/BurstingCachedScripts/Res/Images_2_6_4_0//AdChoice/TopRight/ Frame 4B51 2 KB
2 KB 58ms
57ms Image
image/png 95.101.54.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/Res/Images_2_6_4_0//AdChoice/TopRight/OBA_DEFAULT.png
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=6019623105&adk=760889125&adf=1610234907&pi=t.ma~as.6019623105&w=300&fwrn=4&fwrnh=100&lmt=1667546546&rafmt=12&format=300x600&url=https%3A%2F%2Fwww.oferlo.com.ua%2F&fwr=0&fwrattr=true&rh=600&rw=300&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667546546589&bpp=6&bdt=400&idt=247&shv=r20221101&mjsv=m202211010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8521646978737&rume=1&frm=20&pv=1&ga_vid=285871355.1667546547&ga_sid=1667546547&ga_hid=1437577823&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070696%2C44775017%2C21066433%2C31061691%2C31061692&oid=2&pvsid=3389413474069721&tmod=928762567&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9Mt2Oq1bMv&p=https%3A//www.oferlo.com.ua&dtd=252
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.54.200 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-54-200.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: dc05187f20059fb91e255cbd76de4a7e0481e2f02d15ae5c45eeed42d59e2a09

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

unused62: 8096267
date: Fri, 04 Nov 2022 07:22:28 GMT
last-modified: Wed, 22 Dec 2021 10:52:14 GMT
server: AmazonS3
x-amz-cf-pop: ATL56-P1
etag: "cfebfa91510d9fe13a4186ba4c48596b"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2198
x-amz-cf-id: cUhr796370r44tvEG5g6SP_JEAh1Btv6cgjq822g6wGGY36drNGMYA==

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F66E 0
20 B 91ms
91ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=ByAHYtL1kY6CCHZba3wO59bu4DgAAAAA4AeAEAg&bg=!lJell9PNAAZPh4lnb4c7ACkAdvg8Wk1v3jvLtaqaSanPGzG9Wp7d1eEUzxuVQ9ZSmNvhNzPyl61zTgIAAABsUgAAAAJoAQeZAsIyuCSc2GLcF7J5deXTBgJx-IvRI3IpqUcgfcwXdIE0YgAhaDcsL3PMnfjd84zymtaiz0p6QrtlTMfm7nwc3SEzWPuVVaImAkYkKmm93k95XZxcHj-80Wf8sKDY3hhCLZz4Q4kETuJMPk5f8wpHDnJ1z4AHZaYFZqqxN8xwjOfv2AmIqkBAL0FG4ZOWj8YtzXL8KEBZQwt5SzWLsE6H4EnmTuYGNThVjQV4iohtL2JVHaIDRbnaYF-sIcuwGVopQAlatUVnTwJ_uH1EitsftDrpcQnIKDC_bIuWTVI4vmJ4BlY0FaK2Yy3y9YkhVu5CcSCGHEHdRvX617lQhHf2HO-XpetvtgrEyyZW4yINAJ9KvLqX0HbHMiLg3KIG5_zYXheaFSDJ00J3fVYpOgkhKExPHsUNesAdWvfOjjqBxBFXmlXYL1OpwciF7_VPr-43GGB_lw9Izg21emYNftaxV6bE9kf0CDuZkRYOk08aEWb-0bf8eFVyMXmQxs1iYuYusehJp3BDMvj_Hzyzz1Zszc108auGKu6kJdyQprIMsMYYFQrEyhYSGbpJzbuJFnGJzVP01eJ8dDUSVemDSgc4KzEM2Cd2-boVL6VlDAB1bKx1RIwYg39aVrJfco-pSD5A-1E5kQDhpDIhKVFjXZDkuM2xl7ofXzbcIgWdt4aPgEwIMJenGpHY_y0jvmmbCSGPtfrMggcbN-TiBuaNzNa5TJbD6KGDmuGbpHI80G1rj-7cZqCDAZ0J1HmUwOnC7vh5d3WQMaahtOqMa7TkzJCsO0vCtAQpbjXfga7j_BouiCV40NvZi-p4j2HFDXZ30bCZduUiAGxAtUyigbpiEQXsW2Y-HF1sa__C7qVPWS5NvPpjdw_mLCOLbgBAP1twmn--gBMji04K_J7VHWiSCrBDQs0CVI7xsbO9tx6EIB-DjZNH4j83

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 89ms
88ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=8&c=ca-pub-1447540957213601&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070696%2C44775017%2C21066433%2C31061691%2C31061692

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 90ms
90ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=1&tms=200&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070696%2C44775017%2C21066433%2C31061691%2C31061692

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 183ms
65ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.oferlo.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 174ms
63ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.oferlo.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/ Frame DA64 10 KB
4 KB 54ms
54ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a180577000dc7ea70fe921a385bab54deaefd2f24efaa32f1fc7ebb6d2abd2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.oferlo.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 45125
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 18:50:24 GMT
etag: 2424782735605397694
expires: Thu, 17 Nov 2022 18:50:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK evt Show response
lm.serving-sys.com/lm/ Frame 4B51 0
193 B 323ms
57ms XHR
text/plain 3.73.221.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lm.serving-sys.com/lm/evt
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_227_3_0/ebStdBanner.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.73.221.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-221-153.eu-central-1.compute.amazonaws.com
Software: LogModule 0.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Access-Control-Allow-Credentials: true
Server: LogModule 0.4
Content-Length: 0
Content-Type: text/plain

POST
H/1.1 200
OK evt Show response
lm.serving-sys.com/lm/ Frame 4B51 0
193 B 322ms
56ms XHR
text/plain 3.73.221.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lm.serving-sys.com/lm/evt
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_227_3_0/ebStdBanner.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.73.221.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-221-153.eu-central-1.compute.amazonaws.com
Software: LogModule 0.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Access-Control-Allow-Credentials: true
Server: LogModule 0.4
Content-Length: 0
Content-Type: text/plain

GET
H2 200 Serving Show response
bs.serving-sys.com/ Frame 4B51 24 B
603 B 64ms
64ms XHR
text/html 52.28.143.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=display&c=40&sessionid=4318392139799224607&ai=1088101175&usercookie=u2=84d1ba50-6260-4afe-8521-2fc1cfcc7e75&oo=0&clsrc=2&clbv=_2_227_3_0&gdprpurposes=1023&dg=1077262695&sdg=1078192723&ctick=142&ord=0.5856906478440995
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_227_3_0/ebStdBanner.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.143.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-143-91.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2e7778c6ed3c31a131da378d6e573a1b3b6723037cdeea4c4832da83e60c9399

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:29 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: private
access-control-allow-credentials: true
content-length: 24
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 adServer.bs Show response
bs.serving-sys.com/Serving/ Frame 4B51 0
478 B 64ms
64ms XHR
text/html 52.28.143.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?cn=int&iv=2&interactionsStr=$$1088101175~~0~~1077262695~~4318392139799224607%5EActualSize~300x600x0x1x0000x0x0x300x600~0~01020~144$$&usercookie=u2=84d1ba50-6260-4afe-8521-2fc1cfcc7e75&rnd=0.3676974230781662&flv=0&res=32
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_227_3_0/ebStdBanner.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.143.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-143-91.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:29 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 4B51 62 KB
23 KB 177ms
54ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af24f3aad07194346361eca5f1a1df063b221f0b3fccda53da0c454c1f6f1201

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:17:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 281
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23403
x-xss-protection: 0
server: cafe
etag: 18072002428939893076
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 04 Nov 2022 08:17:48 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame DA64 4 KB
636 B 177ms
64ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 04 Nov 2022 07:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 06:59:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Nov 2022 07:22:29 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/elements/html/ Frame DA64 19 KB
8 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e70f196596d57a6f3570a0983040f63d9ed88bb9da8849a302ad19fea617dd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 21:35:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8012
x-xss-protection: 0
server: cafe
etag: 16149103330692230356
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Nov 2022 21:35:02 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/ Frame 201A 23 KB
9 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 14:27:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60891
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Nov 2022 14:27:38 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 201A 8 KB
716 B 64ms
64ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 04 Nov 2022 07:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 05:56:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Nov 2022 07:22:29 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/ Frame 201A 14 KB
3 KB 186ms
54ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 12:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 325761
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 10:41:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 12:53:08 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/ Frame 201A 362 KB
124 KB 186ms
55ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9c216dc2c163cef46ce19c9156c05aa2edfae28210be29ccfbf902a75190293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 21:09:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 209585
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126916
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 10:41:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Nov 2023 21:09:24 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame 201A 17 KB
7 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 14:27:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60877
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Nov 2022 14:27:52 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 201A 0
0 62ms
61ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRQn9ZqJhV0JBEgPKmxO-iTBEvxqH-NZyp57uHdIZDOCLz2uYHIhwtmOVxtndoDYWDlamQk6iMOX97qTLxiLL_HhmtMTg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 88ms
87ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ia_evt&aflvr=true&al=286&qid=CJPL5Pz-k_sCFc_V3god1tIHUA&ns=3759.5&fs=286&req=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20221101%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-0-%26adk%3D1812271808%26client%3Dca-pub-1447540957213601%26fa%3D8%26ifi%3D3%26uci%3Da!3%26xpc%3DhS4dRnnVuk%26p%3Dhttps%253A%2F%2Fwww.oferlo.com.ua&ptt=9

Requested by

Host: www.oferlo.com.ua
URL: https://www.oferlo.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 4B51 0
327 B 334ms
125ms Ping
image/gif 2a00:1450:400f:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~la265saa&chm=1&ctx=2&gqid=s71kY4rQEYKU-wbRt7bQBA&qqid=COuH5fz-k_sCFQXA5godaBMO5g&met.4=fb.187~lb.1fm~cmrload.1hc~ol.1qn~bdt.-i5~bpp.-6v~idt.-6~dtd.-1~dt.-71&met.3=374.1ek~733.1fq~742.1fq_1~748.1gb~739.1gn~749.1np_4~735.1o1_1~738.1qn~113.1y1_5~112.1y0_7&met.1=1.la265qca~6.bh~7.bh~8.bh~9.bh~10.bh~12.bj~13.17w~14.17x~15.17z~16.1gm~17.1gm~18.1gn~19.1qn~20.1qn~21.1qp~22.1bo~23.1bo&met.7=CAUQCBgBKJ0DMK0MONERaKADcKwMeLlegAGNXIgBtMIBsAEBuAED~CBwQBhgBILQMKLQMMI0NOFlotQxwjQ141gKAASqIASqwAQG4AQM~CBsQCiC0DDiGAg~CBwQChgBILUMKLUMMOUNOLEBQLcMSLgMULgMWKoNYO0MaKoNcOANePM7gAHHOYgB04sBsAEBuAED~CB4QChgBILUMKLUMMJgOOOMBaKsNcJUOeIIMgAHWCYgBsRWwAQG4AQM~CBsQBhgBILUMKLUMMPkMOEU~CCoQChgBILUMKLUMMLsOOIYC~CCgQBRgBILgMKLgMMPwMOERouwxw_Ax4igSAAd4BiAHwBLABAbgBAw~CCgQChgBILoMKLoMMKMNOGlouwxwlQ14l4YBgAHrgwGIAYzfAbABAbgBAw~CAkQChgBIKQNKKQNMN0NODlopw1w3A14iFyAAdxZiAGz8QGwAQG4AQM~CCcQChgBIKUNKKUNMJUOOHBoqw1w5Q14k3mAAed2iAGKxQKwAQG4AQM~CCcQBRgBIJsOKJsOMMcPOKwBQJwOSJwOUJwOWIoPYJ0OaIoPcL8PePdDgAHLQYgB6rIBsAEBuAED~CBsQCiC9Djj9AQ~CBwQBRgBIL8OKL8OMPYOODdowA5w9g54lgeAAeoEiAGWCbABAbgBAw~CBsQCiDDEDg5~CBsQBiDJEDiEAQ~CBsQBiDJEDg7~CBsQBiDKEDg6~CBsQDSDOEThC~CBsQDSDREThC~CCgQChgBINIRKNIRMLkTOOcBQNMRSNMRUNMRWM0SYIgSaM0ScIMTeJe5AYAB67YBiAHL8wOwAQG4AQM
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400f:805::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:29 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 201A 0
17 B 290ms
121ms Ping
image/gif 2a00:1450:400f:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~la265sjm&c=3555346492768&slotId=1777673246384&qqid=CJPL5Pz-k_sCFc_V3god1tIHUA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400f:805::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:29 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 201A 0
20 B 89ms
88ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Ckckus71kY9OlEs-r-wbWpZ-ABdG9hKFt5vqm8dEQ8C4QASDs-KgjYJUCoAH1y8vaAcgBBakC6ELpiV9csD6oAwHIA5sEqgT4AU_Q5mEe2kPkjDT7iTpcmcxrWL-mMCGOXYlnTfPn2L-ZEVJlwQ_tixnrB30NKwrzLp5PmyTPtURD8PtbDvHa72y6ec4GYDuJjCRwmQaQPnaWCOsdGBP1nUG4n2RqbDoY5grLDl_HY3bwYM8wfok95t9z6iLEVQORExeX8_uTUIG5ZUnQfHLvv60t0MqSRdwFgMwifjhGkp18jWOU-K86oid4r4E0ppg1dYcw1Vj2F9nbkTP5OGOk2fcSEV3adgtN6RmoKbvXtk2BVAGDEJbiJDs3E8fOiOggdzuQKHGnYzWrR5qveR6jdTsmjfEe54F4PHC5Fr3cUHpmwASQs5v1qATgBAOQBgGgBnmAB_OztKUCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB4AsBgAwBsBOA9v8Q0BMA2BMKiBQB2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1667546549703&ai=Ckckus71kY9OlEs-r-wbWpZ-ABdG9hKFt5vqm8dEQ8C4QASDs-KgjYJUCoAH1y8vaAcgBBakC6ELpiV9csD6oAwHIA5sEqgT4AU_Q5mEe2kPkjDT7iTpcmcxrWL-mMCGOXYlnTfPn2L-ZEVJlwQ_tixnrB30NKwrzLp5PmyTPtURD8PtbDvHa72y6ec4GYDuJjCRwmQaQPnaWCOsdGBP1nUG4n2RqbDoY5grLDl_HY3bwYM8wfok95t9z6iLEVQORExeX8_uTUIG5ZUnQfHLvv60t0MqSRdwFgMwifjhGkp18jWOU-K86oid4r4E0ppg1dYcw1Vj2F9nbkTP5OGOk2fcSEV3adgtN6RmoKbvXtk2BVAGDEJbiJDs3E8fOiOggdzuQKHGnYzWrR5qveR6jdTsmjfEe54F4PHC5Fr3cUHpmwASQs5v1qATgBAOQBgGgBnmAB_OztKUCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB4AsBgAwBsBOA9v8Q0BMA2BMKiBQB2BQB0BUB-BYBgBcB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 201A 22 KB
15 KB 211ms
84ms XHR
text/xml 74.125.140.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BOwHUJEI9D1sjOtiYz37gBs4o3HPsMhFUUQ7dtofLAyOtSCw5XRRKet6uzhfzSqNWS07H7WP3kIyw87UinqlUDuDf1vw&cry=1&dbm_d=AKAmf-CmcsL07qHcjUk0NL1jxiCCJllUJsPs0NBkhffK16PvDD-yS8NLyIpvQ5RwZ6_viLqZvVjXqZpk1BtTRUGE6ZKHV71ICbhWKG_LWIURsXBuPLXOd0rjfiatcbbUVJVCGZo4If9MAzQw79f3cKVEVVEFAPf4UErrWZedGrDuhWiV920GLBx-O0O7bogooZDdkwPJyA2QqlCee-12CBKdW-GxFvVxbbmWwIO9RhflJEwdt6_YdKtp6CWroGTJ7dyx7RJrQZhwEykG9Xn9dcV6jPdumoKf6I8_e4Xiq9CR8GzsCksgyByCv3R3be_D2MvrKFAJ31JsKvishMFZEYHKPUWHxcQZp_3ePaVs_hFh6yabPbk10Tlf01enjrWjYI3FbEQO_CRqbJWkYrjvUs_6Nvq_WWE1gaQpARJG5vvwvsBNcauU2xxWckGHVg_OOC8kcYVgxSOFHOgTECbxrOLZrA8T3UEFGN9W0PSb-S-VuyOEGch7FCJ53Zk-3VGfApCWzAxY3ROhRVyPvc-bCOB-mK_Ow_2lfrmqnwqYQ8sjefK75JZfP-yhIPlKsMGgM_lZkurFbwMXK_B3P1BTRSmS4C2PCzCj6-ORNwlJDqW5euIsqEIpL4Ej-zpZTqhfpdUNsWWHGbeAgYVOvnQ0SHPlxvQkuV3WI0E3Ci4TXtsnapztCr5bZK2pahq4mb5iPIVV74thjCRiXM8dvehUg-CmYArH7Q08tRBwnrb4RqRIshIMC0qBOlbpvtB3Nt_HthKEEgE_gkVP4Om4dIFu_myFBUBEy18C1rkm6EpknsmHnn4VNogJTQN6ICmXCK9cCRtd49LmNl6jmfxWbnQAjsVCDbWTkB9aIG8TrYVQUwLqii0k3XV8qSK0KjY0w0pbLn2ezNrpLZeYtZut_XiTKUjc6EJM03T8YOD7_RAksccDu6_6iFse3FCj46damKMNDIIVNm5AiFu9wWBwIwSpAxI20Xbr8w7OKQ3KuDl7N7NN5SGy52r5sGz_uGkl-c1p8kKXIz_Z-s7IM4nzy7eGYVoMLOu4rM7H9I19HsVquhzEVKDYRYF907LW6gUeW8lAKmGfv74MIecbw5-_FSwF82tMEtUmoM2IdrASV7yXpdA4L6Q-Eve-DWxdae5QFUCmeXJQo6Oms4Atp_zrH3tLjAEi0_9h5w91JIDcwpBG5P_251BzcDYxOXuIv9pkWGUkhjeER0NZzxzUnDX-LeDcTkrFL6CeTPa-7Cf9A4R2bzNO2-mRtRvTGEILY5pudGcdV08lHAEAOIIB_5jcKYtB6Ov9SzNZ65mOFYuA8iAEoJhuux1Hsh8DFUQQBT_kanTh7w-VYWsVDEFBDs7NKupaQpF6xmlndRq6pCHgO7P16X4tKFosy6E6FsfDJluYzvI0IY5kycS5qJPDbMW3qR3bucTLopEwHnPsDwot0vPhg5NcYJB_lg1EYG5Uh71k6VU2Ip11-6Fh5QYI7DY8e2qgus7F3zDiY6jgHK1JoyE2Re2PL_J1Ehoj9R-kXo9TKjs5ABY7eXdKzjOx6DYdLYGvMA7LUAIoxbD-z_0LPdHTcd8Mf1ZbCgTUakvIFb_fFkUmb6YoAl-HWHyleThAVorIttIZXD0U6BgS9LwHQO0mE_PPvAWSqxdNZdSYxzgzzrcqjKc0QXUWa27GkpTxRxG4HN2BHI-9dr6WNj-FMp_0CHYEbHRBxIjNDtvQooxe60mHsHbR5CwvxnrMaeYHjTO7WfU1C9UV3U875DqUJjWAEWVz5R2yxrEVky29XRpcklfCmkOoJZvnbZmfTACWf7i5tpVyssMUWifWpduhHXgjLTTlnJcaU3JSApR22Hcu2SCI0HKuW9ugA9UL5abpLrc-YbxZ1A91LnFfpE06czf7Qu-0xPLFPl49J3jDq9jeElrtuJAI-40JllYj1nWVEjKNZjgSkB1_bY_AWZN4cJwAbjGsacaGhqa4gUsbvld62bOdpioKHZRAqd_lwRO_vFzURbo5HUbAv6icggKVLRdZ7PGEeLDI9RBr7GIghkBEasEq_5ZnUnNidqxxwPBpGis-8UbzWrSxy2nNBBpQZSDOCV1kKinzwxpno4B17JM4UhCAvh-bDOmzwj1S0ThKBkdJEGJKMGkEw60Wtf3kqc_ukjNzPk245EWHJFub8YLhvL7qjASL0WG17gf_7MydYg4jIvzrL-9UjraAP9I_2wbS7PXf2FAc6dm5gcvBMyk-GWuzAT7VZEeElmNct6in3uTQpvx2gNbcP_mx86gkvL84wxcEWcN9NI54qE_8CSV0P2RMuC2MJCT5UwBFexy4RiS7sRE2M8NuCA-EJQ9YzizjYQ14VDTheOUrXLO-ys_jhoQSJTyAU8JG73MCbgUjNcpkFtAklE1HTPHdw_Qvj4zE2r8N5279upZOHt4NUbxVmlDLyFyUf_ByfEMhNjqVTeSXRSROYkyNFqc0bgOuxLYKCWpqXEOFzf2d0i4CWSuAkWny9wvgyDu0ic0xp0P7qIDlVsxKt1pQcUeQLV3JBy8B6DUW7_x0BevlnwBl4w9TZR-boqKPDvgT27NNENZZC3AJrDwV-mSwjVGDi6RuZX8oNR_Cb2zYrXam0BeDGAAwLmA-iV4sxJZhVU7tm0YviHcE7oUvcwJSAMg6ZkA1xWXOX8_tOhuK0XHu3lvCJsGGAXUktyJULlXVfrMIvTI4SqYWfjZs2RvPPy9wJ0xWcliaXLd1dTwxPBTLq4l1-0cf1ldnEeGK0ZK6PrDE-MYe4P5n6DwOjpmnys3xZYbD1x_F8bt4CUCWMfWOjfhwR-le_blLj0f5FNNVjQEYnw7cjztTA3FAhiNd1kZs3CkweGkhhELU1ttbJZCWTYmhtkSCnzC7eBHB6jVMLY2u6S_BdA3BFpy1y0HmF18m-BZRIHfoU6gz7LQKTHZhhdC_EG9XCB8I8zpUgad-ydJiaobVzk1flXtqsC2D6zYIfyZF2LztE5EO_q_Q7OO-TPbWAt7rGCdGPkvK5SnrnCO-ODsDcdudawybXP8Q1m-L_PlOx89y3KF5f73pGex3HDo8Rzb8EyvgCN1DSXGMauxgBEGuqCJIfqecPy7N2X9iRm6zMoffToVzEG-srEz4QgBZaPluc2ficp0LRj04iHIHXXB7AiG-dABYY4d--444iocdlEoWS-777c1_w6rGYdo9tkgD-L_3QwMHrHNkqvnyF0h_qt_3ev5X27_4IJ7lnl8z18ETVkJ99BGaixF1vDi9LZ7cEnHt4HU6tikah676VIF0qMVmnic9MSGjE3FkTJ4hIhvOvBs7D34WPvYEJuxUZ784he2bpSB8zreCZwzsy_uPMmjpdDm8IrpLq_np594z_MunDdtAh2axvJmjCeLCqYd4JSX2cT0ik1FMuGcO-OBzv_JOrrxxro2S5KN49sunB1K4SDecJQlMvIgfz7-6qhLhQI8C_CdWFKUdKjniBabbqV6e0svFQzdRd7Ty11K1KiME-267ukZ1493ldWCXC6Xx6l7iddv2A7mM16aZjxvqJEz_NVrWUOUgRCVKHvOQ3zDO1kK08yV4eybhGzE0yCizMQpeVlU_qpNLYZW6NJzCDhpmdrpOki9akvfjzlJ73iBtMDszQpWAgDtBSXuNEq5Uwx8ea8MTGdkdsw9MuWXXvgyeh8I8oCTPdCIAUgCYcCappqbc-l-PD-pkIfMjFRI3jhI8AtQtnFWzSlv7nJaPid4Iq2_1tb1SKTcGxA6mfd-EXnJn7b3OD7jIsi3cgkHvovcHcYmhpcs07XWH&cid=CAQSKQDq26N9uEZL5YTSMX7vphJALSH4wYNTQnGopLtSJWIZPRTGSeOBxoe_GAEgDg&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.140.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wq-in-f155.1e100.net

Software

cafe /

Resource Hash

07f52ce833cfbe268e130c7bd593d41b7f2d94a15c550e7434803c5f14652f85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14788
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D2B0 1 KB
643 B 54ms
54ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 52932
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 16:40:17 GMT
etag: 48472445140208031
expires: Fri, 04 Nov 2022 16:40:17 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D2B0
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBwKVPdN8mEyClFxExgWHbw&google_cver=1&google_push=AZmPxg_N3y5v8w4-vWayB99IKR_2Sql2tvhrwlj6kAh4QhJvX_q5hJuUFU...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg_N3y5v8w4-vWayB99IKR_2Sql2tvhrwlj6kAh4QhJvX_q5hJuUFUypF_1hEbYIgkYuE97gJN_vD4S2FEG_6raC_jiX7NG4jf9oFkU8e39N-DwDEkHvBAT...

170 B
188 B

64ms
64ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg_N3y5v8w4-vWayB99IKR_2Sql2tvhrwlj6kAh4QhJvX_q5hJuUFUypF_1hEbYIgkYuE97gJN_vD4S2FEG_6raC_jiX7NG4jf9oFkU8e39N-DwDEkHvBATeB_upkcEWZfABP44Urp0&google_hm=_N9VUfT1J-FiLpx79JldDg

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg_N3y5v8w4-vWayB99IKR_2Sql2tvhrwlj6kAh4QhJvX_q5hJuUFUypF_1hEbYIgkYuE97gJN_vD4S2FEG_6raC_jiX7NG4jf9oFkU8e39N-DwDEkHvBATeB_upkcEWZfABP44Urp0&google_hm=_N9VUfT1J-FiLpx79JldDg
pragma: no-cache
date: Fri, 04 Nov 2022 07:22:29 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame D2B0 43 B
356 B 203ms
63ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEF9s8B8pzGsdQzeeOaDQ17g&google_push=AZmPxg-CVnK5IKu2bDcEP03kr8J0UN61bDObIycSAPdpaXfeXtO23yoGxkdckwt7tRjIpHsU8fLFPJy-jizK-NHCQ0tvRO1S_2dU0Ny8ReMg8FB9tGzeto0OoqLJzJsforw_XNUsmk9uXL1W&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:29 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame D2B0 43 B
64 B 122ms
64ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEB9diH7R20zYZkHNfrSntTs&google_cver=1&google_push=AZmPxg-Kl7JRizOcvwVBHZG5Yx9aKD95ylNMiL-R-tAqcN9ppVhDInhl2s0CroIZy9F3zWgWlsv4XQmhbULGvwT_i4KnpaaifMo6p4UoEVHa3HzH1Cin0B-0tdXHpUbs3YeX64kbqW1tSKuH
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:28 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: hdnjq1m2jkn7mpha1hgr1bmpqkl5grv5

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D2B0
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Qxn6Eh52Q_-s728anBpd-g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

64ms
64ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Qxn6Eh52Q_-s728anBpd-g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg9xIqfsPpLm-uFcOfY2Lv-l2JSuJhF9bdXKVDBCjZZ9ZTkSn6ynmU0AxZb8KNnlZXaLPTVXU4WbxJBiqOPFSlnMDZbOmKabBWdKMOSYxI9r9K1tzFyk5CW0pXP7DVupwAnSLPDHqIv9

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Qxn6Eh52Q_-s728anBpd-g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg9xIqfsPpLm-uFcOfY2Lv-l2JSuJhF9bdXKVDBCjZZ9ZTkSn6ynmU0AxZb8KNnlZXaLPTVXU4WbxJBiqOPFSlnMDZbOmKabBWdKMOSYxI9r9K1tzFyk5CW0pXP7DVupwAnSLPDHqIv9
date: Fri, 04 Nov 2022 07:22:28 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D2B0
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPRZVsA217lDcw6ua--4ZJA&google_cver=1&google_push=AZmPxg-h1oMFnIUfKStGWV4mkSsqwUzORy3LiqJtJWtsR-sNsiGshfcUCb8nz7x7NrIl6sX2rxw...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEyNjVTTVgtMVotRzZHQg==&google_push=AZmPxg-h1oMFnIUfKStGWV4mkSsqwUzORy3LiqJtJWtsR-sNsiGshfcUCb8nz7x7NrIl6sX2rxwEWqB56opjb7kuwOOf34RECTCfh...

170 B
188 B

64ms
64ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEyNjVTTVgtMVotRzZHQg==&google_push=AZmPxg-h1oMFnIUfKStGWV4mkSsqwUzORy3LiqJtJWtsR-sNsiGshfcUCb8nz7x7NrIl6sX2rxwEWqB56opjb7kuwOOf34RECTCfhdh9p-nvEvFV6gKDt3jARQbI31A67h99rCJfGMXgBJ5S

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEEyNjVTTVgtMVotRzZHQg==&google_push=AZmPxg-h1oMFnIUfKStGWV4mkSsqwUzORy3LiqJtJWtsR-sNsiGshfcUCb8nz7x7NrIl6sX2rxwEWqB56opjb7kuwOOf34RECTCfhdh9p-nvEvFV6gKDt3jARQbI31A67h99rCJfGMXgBJ5S
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D2B0
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKUqs-CBXQP1MO8j56XvCS0&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKUqs-CBXQP1MO8j56XvCS0&google_hm=Y2S9tB80jk0QzFvsN-l4CwAADRQAAAIB&google_nid=index&google_push=AZmPxg_aJ3EVCFXBnNWnIH7AdDsqzv_MHAJts...

170 B
188 B

64ms
64ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKUqs-CBXQP1MO8j56XvCS0&google_hm=Y2S9tB80jk0QzFvsN-l4CwAADRQAAAIB&google_nid=index&google_push=AZmPxg_aJ3EVCFXBnNWnIH7AdDsqzv_MHAJtsV4d4APH7DvT7wCYHhBIi1iSkLQ4FVTnP2NDEaH16l_teCK0AYOiMRT2KmFPTAkuHaWyvPScfm8RO2W106EsitZXKPc4zarTdtteKaul4Uz1

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9hFOyiSoWJyr0nk0OOZCuHlG0X0hUyzSNeflACuqctiqHH%2BPq67TDLCWc9ZQ3mVJk5aA9khYgzXM4m%2FcH73Eyo2XObR0NVm6Lu9D%2BPRGFzJmumJvliX4U6VFQ9TzTgQVc5LQ0Mru1DFNKg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKUqs-CBXQP1MO8j56XvCS0&google_hm=Y2S9tB80jk0QzFvsN-l4CwAADRQAAAIB&google_nid=index&google_push=AZmPxg_aJ3EVCFXBnNWnIH7AdDsqzv_MHAJtsV4d4APH7DvT7wCYHhBIi1iSkLQ4FVTnP2NDEaH16l_teCK0AYOiMRT2KmFPTAkuHaWyvPScfm8RO2W106EsitZXKPc4zarTdtteKaul4Uz1
cache-control: no-cache
cf-ray: 764b99509cb2407d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame D2B0 43 B
296 B 314ms
45ms Image
image/gif 2a05:d01c:1d8:8100:3d7c:b3e5:1d0f:44c5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEA-S_CHBZG-xmiReu0oqoys&google_cver=1&google_push=AZmPxg-9Y8NDf7IbwbnfWhcyUSdq2B3YLGS5WbtCnwv_3clX9hbx1nNskF5CyMwwAzwF6XQG0N2RNPw1xFu4Qre9GJPj0uGZrowMoVQvHFuE2WKZa_XkuOC47P3y2D86xFBG15Fbgt-LuH6K
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:3d7c:b3e5:1d0f:44c5 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 04 Nov 2022 07:22:30 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame D2B0 0
12 B 63ms
61ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IXlfcUcy1VLDusPsLjgmYUXEN5Uw1jZEJKmyXb5mQ9pogTslCKQeIUHslAoFRxZyh4kOAe

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:29 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 178ms
68ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221101&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81e16def48f9f480860111ee6a037e537e428e423153820e628f2314d5ab37ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11225
x-xss-protection: 0

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 201A 62 KB
23 KB 163ms
54ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af24f3aad07194346361eca5f1a1df063b221f0b3fccda53da0c454c1f6f1201

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:17:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 281
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23403
x-xss-protection: 0
server: cafe
etag: 18072002428939893076
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 04 Nov 2022 08:17:48 GMT

GET
H2 200 B28752868.350012127;sz=0x0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dcmt=text%2Fxml;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];gdpr=;gdpr_consent=;ltd=;dc_osd=2;dc_frm=2;vi... Show response
ad.doubleclick.net/ddm/pfadx/N1456693.2280103AMNETGMBH/ Frame 201A 26 KB
14 KB 214ms
90ms XHR
text/xml 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/pfadx/N1456693.2280103AMNETGMBH/B28752868.350012127;sz=0x0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dcmt=text%2Fxml;dc_sdk_apis=[APIFRAMEWORKS];dc_omid_p=[OMIDPARTNER];gdpr=;gdpr_consent=;ltd=;dc_osd=2;dc_frm=2;vis=1;dc_sdr=1;dc_sdkv=h.0.0.0;dc_sdki=445;dc_eid=420706098%2C44729911%2C44730425%2C44730426%2C44752538%2C75259414;ord=[timestamp]

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

0b3f9775925a4f0958ba8238dcf808f8ccc716f4380e0e032b4b6c997e4eec24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13881
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Nov 2022 07:22:30 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 201A 0
17 B 126ms
126ms Ping
image/gif 2a00:1450:400f:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~la265sry&chm=1&ctx=2&gqid=s71kY47KEdeGzAaDtZGABw&qqid=CJPL5Pz-k_sCFc_V3god1tIHUA&met.4=fb.t~lb.b5~cmrload.d2~ol.df~bdt.-2ey~bpp.-25r~idt.-1xy~dtd.-1xh~dt.-25u&met.3=492.b1_1~518.bc~113.ix_3~112.iw_4&met.1=1.la265s93~14.i~15.0~16.i~17.i~18.i~19.k~20.k~21.k&met.7=CAkQChgBIB8oHzBWODdoIHBVeOBKgAG0SIgB3bkBsAEBuAED~CBIQBxgBICAoIDBhOEFoIXBheNwHgAGwBYgB_D6qARgKFlJvYm90bzo3MDAsNTAwLDQwMCwzMDCwAQG4AQM~CDoQBxgBICAoIDDbATi7AUAiSDBQMFikAWBmaKQBcNoBeJoYgAHuFYgB53GwAQG4AQM~CDoQChgBICEoITDyAjjSAmikAXDbAXjw4QeAAcTfB4gB7NMWsAEBuAED~CBwQChgBICEoITBgOEBoInBXePM7gAHHOYgB04sBsAEBuAED~CBsQBhgBICEoITBgOD8~CBsQARgBIIMDKIMDMKYFOKQC~CBwQBhgBIIgDKIgDMOIDOFpoiQNw4QN4rAKwAQG4AQM~CCgQDRgBII0DKI0DMOsEON4BQI0DSJwDUJwDWIsEYNIDaIsEcOAEePB1gAHEc4gB-bEBsAEBuAED~CBwQBRgBII4DKI4DMMcDODhokANwxgN4lgeAAeoEiAGWCbABAbgBAw~CCgQChgBIOgDKOgDMKcFOL4BUOkDWNYEYOkDaNYEcIwFeJe5AYAB67YBiAHL8wOwAQG4AQM
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400f:805::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4B51 42 B
64 B 90ms
89ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsskH4xkGzGTf6udh0m6B46Z4oLNflQBVn_Nm5PXz3fqhQqOBuphLp_cSajF9DQvM140P0RMA42l6TVbIJgT6hnyqmCPna8s_EatnWryMEQivNwYnKbDSTJNAz9N&sai=AMfl-YQCX9BAPyblJKQiZ4tlAz_FEgGhE73VD-c1ViSYaeVeRa5kt-Kcj1vRLLMKQ1hawW7s_jdXu-7wGJEij4jGkEOHDF18vRNBySsQsg&sig=Cg0ArKJSzMtTzOT3j6JdEAE&cid=CAQSKQDq26N9rpYO2hhMYCQuiDGLjEcjH4aTqLpoYxttQ5AuR-Q1r7M1sU_vGAEgDg&id=lidar2&mcvt=1003&p=0,0,604,300&mtos=0,1003,1003,1003,1003&tos=0,1003,0,0,0&v=20221102&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&app=0&itpl=20&adk=760889125&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667546546842&rpt=2149&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8CA8 13 KB
5 KB 55ms
53ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.oferlo.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 3879
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 06:17:51 GMT
expires: Sat, 04 Nov 2023 06:17:51 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BCD2 783 B
534 B 63ms
63ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e7787e62a2bd4073e14483a01975543844680f574340dd8fa8285732da991bc8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nuG8QeeHHAU_01lOhYFdxw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.oferlo.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-nuG8QeeHHAU_01lOhYFdxw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 07:22:30 GMT
expires: Fri, 04 Nov 2022 07:22:30 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BCD2 0
0 88ms
88ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221101&jk=3389413474069721&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js Show response
pagead2.googlesyndication.com/bg/ Frame 8CA8 36 KB
16 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 05:46:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5733
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16061
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 05:46:57 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 201A 41 KB
15 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 09:38:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 337445
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 09:38:25 GMT

HEAD
H/1.1

200
OK

file.mp4
r2---sn-h0jeln7e.c.2mdn.net/videoplayback/id/07118e0a83413089/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3810812099/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 201A
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/07118e0a83413089/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3810812099/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r2---sn-h0jeln7e.c.2mdn.net/videoplayback/id/07118e0a83413089/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3810812099/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

213ms
64ms

Fetch
video/mp4

2a00:1450:4016::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-h0jeln7e.c.2mdn.net/videoplayback/id/07118e0a83413089/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3810812099/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2A19756B671B5E26E87E9C2093DDAE3EC6C57247.7A435C863F794AD878E9B7E748BCCC54B3300148/key/cms1/cms_redirect/yes/mh/oT/mip/2a01:4a0:2c::7/mm/42/mn/sn-h0jeln7e/ms/onc/mt/1667545154/mv/u/mvi/2/pl/46/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4016::7 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Nov 2022 07:22:30 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2229714
Last-Modified: Fri, 21 Oct 2022 14:52:11 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Fri, 04 Nov 2022 07:22:30 GMT

Redirect headers

date: Fri, 04 Nov 2022 07:22:30 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 644
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r2---sn-h0jeln7e.c.2mdn.net/videoplayback/id/07118e0a83413089/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3810812099/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2A19756B671B5E26E87E9C2093DDAE3EC6C57247.7A435C863F794AD878E9B7E748BCCC54B3300148/key/cms1/cms_redirect/yes/mh/oT/mip/2a01:4a0:2c::7/mm/42/mn/sn-h0jeln7e/ms/onc/mt/1667545154/mv/u/mvi/2/pl/46/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 2A12 23 KB
9 KB 63ms
63ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 337444
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 31 Oct 2022 09:38:26 GMT
expires: Tue, 31 Oct 2023 09:38:26 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8CA8 0
10 B 54ms
53ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?m-7EEg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 07:22:30 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js Show response
pagead2.googlesyndication.com/bg/ Frame 2A12 36 KB
15 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 11:38:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71041
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Nov 2023 11:38:29 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2A12 0
20 B 93ms
92ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=Bdo0Qtr1kY_KWBuS6x_APoJ6v0AYAAAAAOAHgBAI&bg=!sLOls_fNAAZPh4lnb4c7ACkAdvg8WoPD22iOTejZWlHTrCQIfuIlxiABRSs1MyXmDgr8HwXnlih5HwIAAABKUgAAAAJoAQcKADXeCv0P0lRNHe8aKA5kjf3GcMqvw9OeKwjHcB-RvcazZeD3TfsjS0NffT-CDmj8V75jGUkKyZkC8blJmDhbx7zmJvnboEJ6BufWFSF-0PIrAFAgPoxJXe2tgytit7fyPZxIyzqauw1fPKIpXmhtpRh4Y-SNJkzfWjshAPHKaeLz6em_7a9ctF_VfhHnaBjo4w7HejDDUNJC5-sJEdKNt9noRwbSbKTaTRg4vgDCW5Ls8z5LwOSagTtNF-yBJtJWfdcvr-9YYK_TFsa3WRwXWTW86ShiU4tikpZqTj6hWD3OsGPS_XwYD7FsrYOk0ekWMi-UqTlKX6CXlpqqxyaYDqgLWSZ5bEDnJU5pQdVsRj3wekgy3eBYDLu8vUdaGb6_1raeuhNGqk9jtfP_mBXVoiQQbvtokpkDcp4vdOVo3xSAbIt8S49BvFctqdGtzMDIBpAZkxiZ6aFhhdJO0AEp4nMSkcaJiF-LR5lQAdMKypy6gWxEvteXEM6u-SyleFFliVpMVHFJhQ5S7AR7ykVbNfMhLwtf5tgl7dE57iJiwWz7AY4qUyyRgFddMxV6K4oK-s0jh_wUTmW7z4Ef4xVwiX2Nd2-ZBKE4FPM03TNtdXRE_QmW4n4bj0wKq07_jWF_2T-qLNFGuP2e69TjwnkXsE6e1MQMMlYCh2rGbe0S2g8dnV2TtDQc7hV7yuR8-yeFVnWDLFNkTLOe7EKZPucYk5Vzg5DZLDLbtWG8yToPkZ1W-LuIG24TmLId4P0A613VS-S6pqEMQnJP3EDim8eUUqJD5Mqu13Gx3Zz1gogXKnI5sMP1Vw5MA3MuqYTzUsLK8Bq_JoEnwiXABJq7NLrO3evp6s3Lbs3fJrMTSV0mAFz5MuuIp_1ozwLyBMUFeCCg8ysD2IDDerb5pSCPtvwj_W3MnKnSXWINbv1H8yro2y-tsdVTMYP7gKh2s92G-DMkajTgUYT3Wv5xqAljv7gdFNvbjxm9CD-56d7In1RoeWDvJSw9CusLPws6rd_-3f68sDLJ-hLfemJoMqlaNF7XCFe0DZWfNKhsqCUHm2U2FLy2645xVsQzWY_p5Q

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 206 file.mp4
r2---sn-h0jeln7e.c.2mdn.net/videoplayback/id/07118e0a83413089/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3810812099/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 201A 2 MB
2 MB 133ms
65ms Media
video/mp4 2a00:1450:4016::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4016::7 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

dec27f8e9c1d00b35d0dd0f3c7e8f7dc1241ad2050291dccfe95b39cb593f20a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

expires: Fri, 04 Nov 2022 07:22:30 GMT
date: Fri, 04 Nov 2022 07:22:30 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2229713/2229714
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2229714
last-modified: Fri, 21 Oct 2022 14:52:11 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 91ms
90ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221101&jk=3389413474069721&bg=!oqGloeXNAAZPh4lnb4c7ACkAdvg8Wp-bRnSpM4ffv7M6uH5UH8jfbIHkadwBsPHLy6XvWzjs1u-X6wIAAABiUgAAAAtoAQeZArC7wk-RVto1krhOrYcDynTiveQz-wKNzoNp7CCYkkJ-wXrqw3k6_AF_b0ulFLndlkcc0ojRcCm7t4QqogbEbUphuMQL4qF0vYye3eTZlpZAm3w1-lllWk4FzODY0xWil0kO4YbB_aHQeUtP_Ntfrn2des7p5hB7ecio9z0QwAF-03ZUCfXtubHpf7ikjv0x_UqWjXrBhKuQwfgB1bxU-YrVI_hxM9azCnC-fZ-pWiv3aioamCAWEnPF2N1bo4SH5dy5xZuSx_jR3ZkGpaoTcaUta8nJshEnb6S2JAuMFw_Xf_GIcCrlExIvpZMm-R54Eg9C8rFCtePifpNEhf3U6v625huBsZPdQyxqDvKwwEYVhogg20hZcmAaWpZ9H8NW3vfs2e_iiU4IEDaIbU0JJtcbfgU3IwbF2lYNZ6Favi-lcxt78Ph9bvC_fcs1LTmQhJN5-0mSh4vDiqJ6zolErlVMAdyQbrGYoGyqYmEch5IKA_JldNx2Nn3Kh_gcguG9WXGyddEU0jWR41YX2pG2NK-cuom0L885LipIao6f_-juyNeOiCFmz-SxJRH75WsOJ-dfiyuJyyF0UeFraWcEHX_v6oYeWjWk_KYgzkG_wD6uVrXcTo63ls4ctAMtQCAwSvxgYtzWefJ62x_dDDKCIvweOSRxVMl3rMc9MYthq9E-H91PyPys4drh1YHycvNzbGjTBVx6YWojwvrDQydHKAS86MCDXyS5I2wHgE7LAMkcCU8uCj828TJ2RjkBU7bxS65vsoY4kN7w14Yt9-HDkDtogs6I7Lnl0dMaXhsLYqSveV9MsK9tzENkFCnolAIDQuwFAotrtCds1AZkL0qHJhsPZotaf0WzUTgwacbs96xhe-5HibPA7bPsxV__uh8MYhvWKbJ6tMpa-XOkRQFIslCd
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

POST
H3 204 csi
csi.gstatic.com/ Frame 201A 0
17 B 122ms
122ms Ping
image/gif 2a00:1450:400f:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~la265sjt&c=3555346492768&slotId=1777673246384&qqid=CJPL5Pz-k_sCFc_V3god1tIHUA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=990&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=11&vhc=0&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221024_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400f:805::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ 0
17 B 123ms
123ms Ping
image/gif 2a00:1450:400f:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~la265qnx&c=3389413474069721&e=44759875%2C44759926%2C44759837%2C42531706%2C31070696%2C44775017%2C31061691%2C31061692&ctx=1&met.3=782.pk~1001.pj_1__1~164.pl_1~165.pi_3~166.p9_o~166.py_2~164.ro~165.ri_7~1032.xe~326.xg_1~832.xi~868.xi~216.xd_6~215.xd_6~843.xd_7~779.xk~889.xt~639.xy~1032.yc~326.yd~832.yd~868.yd~216.yc_1~215.yc_1~779.ye~889.yf~639.yk~112.1a6_1~629.1bv_1~168.2f0~168.2f0~168.2f0~168.2f0_1~168.2f0_1~429.2ku_1~210.2o8_1~1032.2oa~326.2oa~832.2oa~868.2oa~164.2oa_1~165.2o9_2~466.2o9_2~522.2o8_3~779.2oc~525.2oe_5~639.2ok~168.2wf~168.2wf~168.2wf~168.2wf~168.2wf_1~168.2wf_1~168.2wg~168.36m~168.36n~168.36n~168.36n~168.36n~168.36n~168.36n~113.38y_1&met.1=1.la265pdr~6.bt~7.bt~8.bt~9.bt~10.bt~12.c2~13.g0~14.g5~15.ge~16.nx~17.o8~18.oa~19.38q~20.38q~21.38u~22.nb~23.nb
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20221101/r20110914/rum_fy2021.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400f:805::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.oferlo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 07:22:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

229 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.oferlo.com.ua/	1970-01-20 15:58:02	Name: SrvCch Value: 0
www.oferlo.com.ua/	1969-12-31 23:59:59	Name: _csrf Value: f611b0b90959fed98368c0092d5330fe3ab773aaf4d4a2fc421087fb1328f416a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22s2PozK7Fd5UiRoP9D784b68jmp3dHrhn%22%3B%7D
www.oferlo.com.ua/	1969-12-31 23:59:59	Name: PHPSESSID Value: 3hrtlh0bjmvvnegk5iqibqjaso
.oferlo.com.ua/	1970-01-20 09:22:02	Name: _gcl_au Value: 1.1.504394944.1667546547
www.oferlo.com.ua/	1970-01-20 15:58:02	Name: push Value: 0
.oferlo.com.ua/	1970-01-20 16:34:02	Name: __gads Value: ID=67e1318689d381ca-228b127b65ce008d:T=1667546547:RT=1667546547:S=ALNI_MZR7PRmBxoJkujoUxOLYYNjDCt7KQ
.oferlo.com.ua/	1970-01-20 16:34:02	Name: __gpi Value: UID=00000b7c80eff0dd:T=1667546547:RT=1667546547:S=ALNI_MZ8eveuqHs_vc80Zkntjmq2mo360Q
.oferlo.com.ua/	1970-01-20 16:48:26	Name: _ga Value: GA1.3.285871355.1667546547
.oferlo.com.ua/	1970-01-20 07:13:52	Name: _gid Value: GA1.3.405520114.1667546547
.oferlo.com.ua/	1970-01-20 07:12:26	Name: _gat_UA-24834420-46 Value: 1
.oferlo.com.ua/	1970-01-20 09:22:02	Name: _fbp Value: fb.2.1667546547590.372237366
.adnxs.com/	1970-01-20 09:22:02	Name: uuid2 Value: 5563090668393729264
.casalemedia.com/	1970-01-20 09:22:02	Name: CMPS Value: 3348
.casalemedia.com/	1970-01-20 09:22:02	Name: CMPRO Value: 3348
.adnxs.com/	1970-01-20 09:22:02	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In3l]=v%!]tbPl1M>e)ZlrFUfJ+tGXvWBE7]DIRmc$c[HUO.L#GQmQO/Ns]5*'^TDm0r3If)y3KL9D3I?+flH=mn
.doubleclick.net/	1970-01-20 16:34:02	Name: IDE Value: AHWqTUmlkZqsAPJwr53YwsTvQ5ztVSflq-UixladYtrIniFT7uvfwttV-oxtEjIxF-Q
.quantserve.com/	1970-01-20 09:22:02	Name: d Value: EAABCQG_J4EA
.quantserve.com/	1970-01-20 16:42:40	Name: mc Value: 6364bdb4-e1c39-6bd8c-782f1
.pubmatic.com/	1970-01-20 07:13:52	Name: KTPCACOOKIE Value: YES
.casalemedia.com/	1970-01-20 15:58:02	Name: CMID Value: Y2S9tB80jk0QzFvsN.l4CwAA
.pubmatic.com/	1970-01-20 09:22:02	Name: KADUSERCOOKIE Value: 4319FA12-1E76-43FF-ACEF-6F1A9C1A5DFA
.rlcdn.com/	1970-01-20 15:58:02	Name: rlas3 Value: 1KRkqsVJsq7C2wJ/nfvdfstmofzoReudBSqzK82LZSk=
.rlcdn.com/	1970-01-20 08:38:50	Name: pxrc Value: CLX7kpsGEgUI6AcQABIGCOndKhAA
.e.dlx.addthis.com/	1970-01-20 16:42:40	Name: na_tc Value: Y
.serving-sys.com/	1970-01-20 09:22:02	Name: A6 Value: 10SNITxOAq1005xi000010000
.serving-sys.com/	1970-01-20 09:22:02	Name: u2 Value: 84d1ba50-6260-4afe-8521-2fc1cfcc7e754JA06g
.serving-sys.com/	1970-01-20 09:22:02	Name: eyeblaster Value: FLV=0&RES=32
.addthis.com/	1970-01-20 16:42:40	Name: na_id Value: 2022110407222900013574754068
.addthis.com/	1970-01-20 16:42:40	Name: na_tc Value: Y
.addthis.com/	1970-01-20 16:42:40	Name: uid Value: 6364bdb5283bc0e8
.addthis.com/	1970-01-20 16:42:40	Name: ouid Value: 6364bdb5000166e5b804bf5be7939cc2290e033d8fa1d52a143f
.dlx.addthis.com/	1970-01-20 07:55:38	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 07:55:38	Name: na_sr Value: 20221104
.dlx.addthis.com/	1970-01-20 07:12:26	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 07:55:38	Name: na_sc_e Value: 0
.casalemedia.com/	1970-01-20 09:22:02	Name: CMTS Value: 5140
.innovid.com/	1970-01-20 09:22:02	Name: uuid Value: 9ce52df2-e52c-49fb-81e3-507dabc4182e-20221104 03:22:30

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'battery'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'layout-animations'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'oversized-images'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'wake-lock'.
security	warning	Message: Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: accelerometer, autoplay, camera, display-capture, document-domain, encrypted-media, fullscreen, geolocation, gyroscope, magnetometer, microphone, midi, payment, picture-in-picture, publickey-credentials-get, sync-xhr, usb, xr-spatial-tracking. Values defined in Permissions-Policy header will be used.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'battery'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'layout-animations'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'oversized-images'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'wake-lock'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
ag.innovid.com
bid.g.doubleclick.net
bs.serving-sys.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
csi.gstatic.com
dsum-sec.casalemedia.com
e.dlx.addthis.com
eu001.leafletscdns.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
imasdk.googleapis.com
lm.serving-sys.com
odr.mookie1.com
oferlo.com.ua
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
r2---sn-h0jeln7e.c.2mdn.net
rtb.openx.net
secure-ds.serving-sys.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.oferlo.com.ua
104.18.19.126
104.76.200.221
142.250.181.230
142.250.185.130
185.64.189.115
185.80.39.216
2001:4860:4802:36::178
2606:4700:20::681a:264
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:802::200e
2a00:1450:4001:803::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2001
2a00:1450:4001:828::2002
2a00:1450:4001:828::200d
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2002
2a00:1450:4001:830::2008
2a00:1450:400c:c00::9b
2a00:1450:400f:805::2003
2a00:1450:4016::7
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:d01c:1d8:8100:3d7c:b3e5:1d0f:44c5
3.73.221.153
34.98.67.61
35.227.252.103
35.244.174.68
37.252.172.250
5.182.38.129
52.28.143.91
69.173.144.165
74.125.140.155
95.101.54.200
019e5ef4eae6526b7df9b7119715ece680f8a207b20742c38b8a73ab8f135c50
0231177748b4424384268858d78d39c01123522edf57b5b10a76b1c404ec1326
05fe0b674c6f6b6e506c32f774a26798bf3863f705c26fccd5d96a030274886b
0674a525618751a642fe4baa693ff34b3c0580a13624da212f9d61300916b76a
07f52ce833cfbe268e130c7bd593d41b7f2d94a15c550e7434803c5f14652f85
09dea6320f4520d39fa954c5944aec47837a939f271e89d46a2e6d1585a698ba
0acd59e18ef9ca4f55b04271a6121d58e6f7044ea91395054dd52d5caf2a7a55
0b3f9775925a4f0958ba8238dcf808f8ccc716f4380e0e032b4b6c997e4eec24
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d9f243e38580effa8393e2fde8b1b6292b50af8653b8eb68a0fa5f4ae6a9d35
0ef1f9f33632ec6e27928d82e6f155d14605c07815630b6a4dfbf830464795bc
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32
1bcb2d569af95812adebc17ca1687da91f9d90ff225d282ad697c03e1cf65028
1c897fcfa6be72e2bf55770711a1f26dab4095d209ca4cc92b65cba0f0ea0b83
1d3440d0952fadf83b7e02aba085a19e67cff22b3ee914ef84a03137727db7cf
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1f8238f42a313428b8365cfefb2679a7dc360f859ba4304da5a48332a8721a33
20b7ec5c587ce88329c10b1ab2f288ecd11dcd57e5716e90d6a957f8fddd3db6
21b177a40aba940d7cdbaa62174e671bf2f02af901978167753fdcfce2be9101
259b67aae500877eceb2ab41928696ff03aa65b25cfd298f668030b87db493cc
269bd69d6c1d25e848132ecfb48ec214040e49fd45e444760c3e226ca5fd7962
29a66c2f241cda2f1589a9d646bf7988951fc01253b868715cb84e65bedf8ef9
2e7778c6ed3c31a131da378d6e573a1b3b6723037cdeea4c4832da83e60c9399
2f43e35c9c59892abc041c104628f994df6c53ab6364055fa42821c1122a618e
33b77c3ebb0dfdb1386c077573297dc737b1e1e9e26f33186edd1c1bd7bd8972
34ab7b6bae04a32fc40e9b91566b00a87306ede37dd72313499b831cef75b2c0
3a180577000dc7ea70fe921a385bab54deaefd2f24efaa32f1fc7ebb6d2abd2e
3b5c2abc10ad805c4de0200f2e6a6dfdd82460db05e3145a169e7767d17d534a
3e65ffae7b1cb6bcc20cd41aaf080758bc34dc4278262b3361c1ee21f7b5d462
4253f77b0d96cf34bfcc0c2f8ade40886e3a60e5fd6d6531a66c848456437b03
446bab4f19b463933ba69fc0c0ff5317bcef393fdcda0816e62b0a2b4aafeaa2
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d22520c085453857e822427f0f66d18d0c98986f6e1e40d6fa0fc7d44a657be
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e70f196596d57a6f3570a0983040f63d9ed88bb9da8849a302ad19fea617dd2
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a98b391ecabe2dfadd3ad1b4cc188c8f55a25fdc24983414c5980b055181f5a
5d360473e8962848e1b9607fdd117749549d06d2e631b3ef82a64f21c7189e19
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f16f58885de373ce052a72b68ae407a049b3037a4324a04043a42fdac99460
67fd2de5e7c68fe79fd5fc40f2ffb3ced5a8bad748f681f5966bc43e9e411322
681edf17a7cf0e80c5117629eec2531bf0bfd77ec9f9a8308a1bc2edac88a275
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
69c21c369da1df9da057ad8cc8a9018bc08530a4e3d68077bcdd4e0e0da4ff70
6c6a4676929f17f35157c32ff4e75ff3738742273c5c1fe2ac48dca0c3a7f5fa
6e09a6d66cea44aed01cd3c0e4224d8ec505d0ef42af7a3184f6e7523bc5b462
6ef81d1a436e54449d094e62ad44dc82221a1c752069947e0a2c071b49a9c701
6f22966b13e75ab8fda4c46107f7de87998e445e7b37e377a03a9b5beab88b9b
710cf1f76557948352e0a3bfdfbb71197ba6a984c9b73cb557f4a654113d7b70
71c40c8cc425a3ee164214cf2bdf32f2d3d46c3044ec99e6f123954a84b8fa82
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
7626318acfbe6eec5abc99f2cc5778703edd1f90463af85d4cbedd693faa114b
7669e867d39010e14712c509b568f673ad0ba9fe9affb55bf4f0788d0c5525e0
77bded4f6447cc93370a65d50e1b1811e81e032aefd45d0acc952ceec49260c2
7c191e5ef9504ce2879aacd7dff8eaa160e68f7d136f9994a2087d43b35cccbb
7e7e7d97399e03e24a55f3b6218e69ffd2ce957eca70aee8b854b6aa33366402
80c9f103dae953f0617bcc88e3ac87d83773ca415fa0d984b97c7dc70e2ce7b4
81e16def48f9f480860111ee6a037e537e428e423153820e628f2314d5ab37ec
837206ebf6e62ede22e73028f6086e3cf47af7719e15721650d7bc42e5cf5f41
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8542472823c3db1c9fa9e4d6ad9192951d499dbad7db89cafa789d7f61627a3e
89502015874184aceee6cabd48b8be64ce80ba2b6e964247a0fcb94b85527960
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b00616261a0df3574dfc8b4c0e0403d62121d1bc83b45744fe2c76c5252095e
8b4d65d697190902b37678499c99785c2f81d62664ba5d23a94a5934ec16d7ce
8cf4140305db6473492b7bce8c789d33bcc9a862f9d2d7fce40b115edb31683a
8df4fab5171a5708bb0e27d5c3b6a1d67dbe5a266851726dff167a2a7e03673e
8e68bdbbcbde2164c64f4b7b15291c0d1429ec0a4e3cbda2427a589154b66b18
8ec5bd4e68091bb43fe87be05228cbc56e134f25555c71914b9bca20dd83fb94
9123ef5cf89cdb1ee2e6db82eb04ff97e874de65e8db71ddba2e66fde522ac06
914d089eacaecf6944ee46bec04ac11975c734f98ddbfc5750536c2adb23fce8
97992093717fde367507473ba78c48117095bdd5eac32fa9b9c8144aa768e4d2
9a0574a1e7e1a1090b17dbf386399714e05f4afe8f09e15a3e5dbd58b435eb1b
9a766ea12240078e9a4911493790c08cfa979a18619d180cd7f5a5f468fd79f3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c2516c4c455411caea0c64380b128f1b5f01afcee30dd17560d3da5c7699679
9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f
9d0ec01d98e8a4dc98af6301e8f95b634f63a9256cff1f71d592fe267fe1ec9c
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a049edfff9507adba029091a9ef66a3017d290cb2d81bb96af6ce86161882192
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a9c216dc2c163cef46ce19c9156c05aa2edfae28210be29ccfbf902a75190293
ac32377ae624ac720172de6cd59d7fad67c0c78fe658c7a7b2b43be14b9d74ab
af24f3aad07194346361eca5f1a1df063b221f0b3fccda53da0c454c1f6f1201
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b156192d2524056dbc8af028d8a71dfb5a74346ccc5a0910ef98182005762a1b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c1fb1e346384232cb17d28002913baaafc0572382bae5aec82b0dca887f16f42
c2531229b60616ea7be41448ff9ca6041a9059805a8b4d092c08c313ad2b77ae
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c4f2d2cce0c47e7d116589c641a59f0ed79aa7db34f2e96257c7b4deadafcc2c
c6117374a1f09adbbff6601b20fc00b2264cf5fb2ef53ede0b320a337109026d
c6c7f3ffc0deb34af0f7c06c3610b4c6736993258ea2189658735f42dd251e51
cc7d17681dbd69473d4e1a68584f2137f4be53484139e8dd0d307cfb08fcaab3
d15f85d0aa8fe49a0ba11e1bcd2c4ad286c0ab1bc0452dec8c2fec9a446a6caf
d8425275b77f7ce018416241e85960821de53a5ed71761a1ae397b1a5e855336
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
dc05187f20059fb91e255cbd76de4a7e0481e2f02d15ae5c45eeed42d59e2a09
dc4c24faa867df9b33628fdb8aaf2d456e989750e4cda61f2418fee5d8b1c5cc
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dec27f8e9c1d00b35d0dd0f3c7e8f7dc1241ad2050291dccfe95b39cb593f20a
df94118151425d11320f6fb3958f309162e9556cf48af223f66421c6a3c8e456
e0f2cca7784269c376cea0c66fa206e809162035f87759bd0d44d171dda8053b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7787e62a2bd4073e14483a01975543844680f574340dd8fa8285732da991bc8
e91e4f767982a21e6240cf9f0631053ac63cce60efca9b4948facf64373619ec
ea88adff36505b44e034dda505e6dfbff22f8b35b1ed2dd413abcad42d522ebd
eac6b23e8304cc24b644f826820a05e897b13d4b8feecf938113c2742eeeab4a
eae3341093189c106c716049d2a9f351f3260153dd0acd0de9e1da7f88cbca3b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50ed9c3c87ec6211e8cefe2c82e05d2e89f75991ed6fdc0b9607449db7dd777
f6c0fd70405f944e0d310f7ee9e16249c00f136832d2eef24207a29b92a42bac
f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143
fea2ac35d917f85bfd526355d21763cfd7eb33d35dabea46f479e3ae9322b248

www.oferlo.com.ua Open in urlscan Pro 5.182.38.129 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

176 Requests

92 %HTTPS

60 %IPv6

26 Domains

42 Subdomains

35 IPs

8 Countries

3735 kBTransfer

6097 kBSize

37 Cookies

13 Outgoing links

Page URL History

Redirected requests

176 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.oferlo.com.ua Open in urlscan Pro
5.182.38.129 Public Scan

Screenshot
Live screenshot

Full Image

176
Requests

92 %
HTTPS

60 %
IPv6

26
Domains

42
Subdomains

35
IPs

8
Countries

3735 kB
Transfer

6097 kB
Size

37
Cookies

176 HTTP transactions
2 data transactions