www.stb.ua Open in urlscan Pro
2606:4700:20::681a:91b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://stb.ua/
Effective URL:
https://www.stb.ua/ua/
Submission: On November 10 via api (November 10th 2022, 1:10:42 am UTC) from GB — Scanned from GB

Summary HTTP 374 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 61 IPs in 13 countries across 40 domains to perform 374 HTTP transactions. The main IP is 2606:4700:20::681a:91b, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.stb.ua.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 15th 2022. Valid for: a year.

This is the only time www.stb.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::681a:81b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 83	2606:4700:20:... 2606:4700:20::681a:91b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	45.133.44.4 45.133.44.4	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	23.111.96.52 23.111.96.52	39134 (UNITEDNET) (UNITEDNET)
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	142.93.164.210 142.93.164.210	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 4	146.59.10.80 146.59.10.80	16276 (OVH) (OVH)
5	23.227.138.196 23.227.138.196	55081 (24SHELLS) (24SHELLS)
13	107.151.2.114 107.151.2.114	55081 (24SHELLS) (24SHELLS)
10	2606:4700::68... 2606:4700::6810:2a41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	95.216.24.148 95.216.24.148	24940 (HETZNER-AS) (HETZNER-AS)
13	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	13.226.153.39 13.226.153.39	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a0c:5c81:512... 2a0c:5c81:5120::2	55081 (24SHELLS) (24SHELLS)
1 2	52.211.170.239 52.211.170.239	16509 (AMAZON-02) (AMAZON-02)
1	145.239.237.56 145.239.237.56	16276 (OVH) (OVH)
2	45.133.44.3 45.133.44.3	7018 (ATT-INTER...) (ATT-INTERNET4)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a0c:5c81:513... 2a0c:5c81:5139::2	55081 (24SHELLS) (24SHELLS)
5	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
1	52.222.236.63 52.222.236.63	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.107 18.66.112.107	16509 (AMAZON-02) (AMAZON-02)
1 3	108.138.4.10 108.138.4.10	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:206... 2600:9000:206f:9e00:11:1ed0:3900:21	16509 (AMAZON-02) (AMAZON-02)
3	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
28	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
18	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a0c:5c81:513... 2a0c:5c81:5139:0:baca:3aff:fe65:6d64	55081 (24SHELLS) (24SHELLS)
1	108.157.6.231 108.157.6.231	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
10	2a02:26f0:e30... 2a02:26f0:e300::5f64:924a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8 21	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
4 8	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
4 6	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
51	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
2	34.149.12.213 34.149.12.213	15169 (GOOGLE) (GOOGLE)
3	74.125.133.156 74.125.133.156	15169 (GOOGLE) (GOOGLE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 1	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
2 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	213.155.156.166 213.155.156.166	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2 2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	2600:9000:223... 2600:9000:223f:b200:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.102 185.86.139.102	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
8	213.254.244.110 213.254.244.110	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
5	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4009:1a::8	15169 (GOOGLE) (GOOGLE)
2	34.253.97.99 34.253.97.99	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
1	3.127.73.37 3.127.73.37	16509 (AMAZON-02) (AMAZON-02)
5	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
374	61

1 2606:4700:20::681a:81b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

stb.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

83 2606:4700:20::681a:91b (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

stb.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.stb.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.vertamedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.96.52 (Russian Federation)

ASN39134 (UNITEDNET, RU)

ua-content.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

player.adtcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.93.164.210 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

cdn.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 146.59.10.80 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip80.ip-146-59-10.eu

ua.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.227.138.196 (Piscataway, United States)

ASN55081 (24SHELLS, US)

static-cdn.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bootstrap.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 107.151.2.114 (Piscataway, United States)

ASN55081 (24SHELLS, US)

aux-log.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
aux-log2-sh.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6810:2a41 (United States)

ASN13335 (CLOUDFLARENET, US)

api-esp-eu.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 95.216.24.148 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.148.24.216.95.clients.your-server.de

tt.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.153.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-153-39.dus51.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5120::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

d.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.211.170.239 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-170-239.eu-west-1.compute.amazonaws.com

segment.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.237.56 (France)

ASN16276 (OVH, FR)
PTR: ip56.ip-145-239-237.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.133.44.3 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a0c:5c81:5139::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

s.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-63.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-107.fra56.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.4.10 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-10.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:9e00:11:1ed0:3900:21 (United States)

ASN16509 (AMAZON-02, US)

d3div1mtym39ic.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a0c:5c81:5139:0:baca:3aff:fe65:6d64 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ads213.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.6.231 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-6-231.dus51.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:26f0:e300::5f64:924a (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 172.217.18.98 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.80.39.216 (Canada) 4 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.173.215 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.125.133.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Tuttlingen, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.18.126 (Shahr, Iran, Islamic Republic Of) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.75.86.98 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.166 (Uppsala, Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-166.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:b200:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.102 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.123 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 213.254.244.110 (United States)

ASN36062 (DOUBLE-VERIFY, US)

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-frc.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4009:1a::8 (London, United Kingdom)

ASN15169 (GOOGLE, US)

r3---sn-aigl6nzr.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.253.97.99 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-97-99.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.198 (Glen Cove, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.73.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-73-37.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
84	stb.ua 3 redirects stb.ua www.stb.ua	5 MB
60	doubleclick.net 9 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 203 pubads.g.doubleclick.net — Cisco Umbrella Rank: 430 bid.g.doubleclick.net — Cisco Umbrella Rank: 672 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 294 ad.doubleclick.net — Cisco Umbrella Rank: 173	303 KB
53	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 262 gcdn.2mdn.net — Cisco Umbrella Rank: 906 r3---sn-aigl6nzr.c.2mdn.net — Cisco Umbrella Rank: 166144	2 MB
53	googlesyndication.com 28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 136 pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 ade.googlesyndication.com — Cisco Umbrella Rank: 275	575 KB
29	adtelligent.com static-cdn.adtelligent.com bootstrap.adtelligent.com aux-log.adtelligent.com d.adtelligent.com — Cisco Umbrella Rank: 777131 player.adtelligent.com — Cisco Umbrella Rank: 6186 s.adtelligent.com — Cisco Umbrella Rank: 5816 static.adtelligent.com — Cisco Umbrella Rank: 420925 ghb.adtelligent.com — Cisco Umbrella Rank: 6055 pixel.adtelligent.com — Cisco Umbrella Rank: 915966 ads213.adtelligent.com — Cisco Umbrella Rank: 676354 aux-log2-sh.adtelligent.com — Cisco Umbrella Rank: 145786	88 KB
20	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 448 rtb0.doubleverify.com — Cisco Umbrella Rank: 649 tps.doubleverify.com — Cisco Umbrella Rank: 457 tpsc-frc.doubleverify.com	473 KB
10	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4753 ampcid.google.com — Cisco Umbrella Rank: 2085 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 72	3 KB
10	piano.io api-esp-eu.piano.io — Cisco Umbrella Rank: 102033	68 KB
9	casalemedia.com 5 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 512 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 418	7 KB
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36 region1.google-analytics.com — Cisco Umbrella Rank: 2536	21 KB
7	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 209 secure.adnxs.com — Cisco Umbrella Rank: 426	8 KB
7	onthe.io cdn.onthe.io — Cisco Umbrella Rank: 16802 tt.onthe.io — Cisco Umbrella Rank: 13827	20 KB
5	gemius.pl 1 redirects ua.hit.gemius.pl — Cisco Umbrella Rank: 473718 ls.hit.gemius.pl — Cisco Umbrella Rank: 12859	20 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	233 B
4	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 290 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 503	4 KB
4	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 3108 adservice.google.co.uk — Cisco Umbrella Rank: 5214	1 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	279 KB
3	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 723	820 B
3	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 413	360 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	142 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 139	195 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 625 script.hotjar.com — Cisco Umbrella Rank: 763 vars.hotjar.com — Cisco Umbrella Rank: 824	71 KB
2	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 530	675 B
2	gstatic.com csi.gstatic.com	381 B
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 662	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4495	643 B
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 339	952 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 708 r.turn.com — Cisco Umbrella Rank: 3470	869 B
2	bidr.io 1 redirects segment.prod.bidr.io — Cisco Umbrella Rank: 6563	1 KB
2	adtcdn.com player.adtcdn.com — Cisco Umbrella Rank: 30205	107 KB
1	agkn.com d.agkn.com — Cisco Umbrella Rank: 621	648 B
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 807	45 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 661	439 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3287	104 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 13122	553 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1442	584 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 341	265 B
1	cloudfront.net d3div1mtym39ic.cloudfront.net	44 KB
1	adriver.ru ua-content.adriver.ru — Cisco Umbrella Rank: 952700	5 KB
1	vertamedia.com player.vertamedia.com	58 KB
374	40

	Domain	Requested by
82	www.stb.ua	1 redirects www.stb.ua
51	s0.2mdn.net	imasdk.googleapis.com www.stb.ua s0.2mdn.net
27	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com imasdk.googleapis.com tpc.googlesyndication.com www.googletagservices.com bid.g.doubleclick.net s0.2mdn.net
21	cm.g.doubleclick.net	8 redirects googleads.g.doubleclick.net 28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com
18	tpc.googlesyndication.com	securepubads.g.doubleclick.net static.adtelligent.com 28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net imasdk.googleapis.com
13	googleads.g.doubleclick.net	www.googletagmanager.com 28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com www.stb.ua
10	cdn.doubleverify.com	28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com cdn.doubleverify.com www.stb.ua
10	api-esp-eu.piano.io	www.stb.ua api-esp-eu.piano.io
9	securepubads.g.doubleclick.net	www.stb.ua securepubads.g.doubleclick.net www.googletagservices.com
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
7	aux-log2-sh.adtelligent.com	static.adtelligent.com
7	www.google-analytics.com	www.googletagmanager.com www.stb.ua www.google-analytics.com
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
6	www.google.com	www.stb.ua securepubads.g.doubleclick.net 28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com tpc.googlesyndication.com
6	tt.onthe.io	cdn.onthe.io
6	aux-log.adtelligent.com	www.stb.ua
5	ade.googlesyndication.com
5	googleads4.g.doubleclick.net	www.stb.ua
5	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
4	tpsc-frc.doubleverify.com	cdn.doubleverify.com
4	tps.doubleverify.com	cdn.doubleverify.com
4	www.facebook.com	www.stb.ua
4	ua.hit.gemius.pl	1 redirects www.stb.ua ua.hit.gemius.pl
4	www.googletagmanager.com	www.stb.ua www.googletagmanager.com
3	onetag-sys.com	2 redirects 28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com
3	bid.g.doubleclick.net	cdn.doubleverify.com imasdk.googleapis.com
3	imasdk.googleapis.com	static.adtelligent.com imasdk.googleapis.com
3	www.googletagservices.com	securepubads.g.doubleclick.net 28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com
3	28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	ghb.adtelligent.com	player.adtelligent.com
3	c.amazon-adsystem.com	1 redirects c.amazon-adsystem.com
3	www.google.co.uk	www.stb.ua
3	connect.facebook.net	www.stb.ua connect.facebook.net
2	ad.doubleclick.net	1 redirects
2	beacon.krxd.net
2	csi.gstatic.com	imasdk.googleapis.com
2	image6.pubmatic.com	2 redirects
2	d5p.de17a.com	2 redirects
2	eb2.3lift.com	2 redirects
2	pubads.g.doubleclick.net	imasdk.googleapis.com
2	rtb0.doubleverify.com	cdn.doubleverify.com
2	ads213.adtelligent.com	static.adtelligent.com
2	pixel.adtelligent.com	www.stb.ua
2	adservice.google.com	securepubads.g.doubleclick.net imasdk.googleapis.com
2	s.adtelligent.com	player.vertamedia.com static.adtelligent.com
2	player.adtelligent.com	player.adtcdn.com
2	segment.prod.bidr.io	1 redirects www.stb.ua
2	bootstrap.adtelligent.com	www.stb.ua
2	player.adtcdn.com	www.stb.ua
2	stb.ua	2 redirects
1	d.agkn.com
1	r3---sn-aigl6nzr.c.2mdn.net
1	gcdn.2mdn.net	1 redirects
1	secure.adnxs.com	1 redirects
1	ssbsync.smartadserver.com	28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com
1	s.ad.smaato.net	1 redirects
1	dclk-match.dotomi.com	28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com
1	ssum-sec.casalemedia.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	match.adsrvr.org	28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com
1	r.turn.com	28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com
1	ad.turn.com	1 redirects
1	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
1	adservice.google.co.uk	securepubads.g.doubleclick.net
1	d3div1mtym39ic.cloudfront.net	www.stb.ua
1	vars.hotjar.com	static.hotjar.com
1	static.adtelligent.com	player.vertamedia.com
1	script.hotjar.com	static.hotjar.com
1	ampcid.google.com	www.google-analytics.com
1	region1.analytics.google.com	www.googletagmanager.com
1	region1.google-analytics.com	www.googletagmanager.com
1	ls.hit.gemius.pl	ua.hit.gemius.pl
1	d.adtelligent.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	static-cdn.adtelligent.com	player.vertamedia.com
1	cdn.onthe.io	www.stb.ua
1	ua-content.adriver.ru	www.stb.ua
1	player.vertamedia.com	www.stb.ua
374	79

This site contains links to these domains. Also see Links.

Domain
vikna.tv
twitter.com
t.me
facebook.com
www.instagram.com
invite.viber.com
www.youtube.com
teleportal.ua
ictv.ua
novy.tv
fakty.com.ua

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-15` - `2023-05-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
player.vertamedia.com R3	`2022-10-12` - `2023-01-10`	3 months	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-04-05` - `2023-04-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.onthe.io Sectigo RSA Domain Validation Secure Server CA	`2022-06-02` - `2023-07-02`	a year	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2022-09-13` - `2023-09-25`	a year	crt.sh
*.adtelligent.com Sectigo RSA Domain Validation Secure Server CA	`2021-11-08` - `2022-12-09`	a year	crt.sh
aux-log.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-11-07` - `2023-02-05`	3 months	crt.sh
piano.io Cloudflare Inc ECC CA-3	`2022-04-27` - `2023-04-26`	a year	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-19` - `2022-11-17`	3 months	crt.sh
d.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-09-25` - `2022-12-24`	3 months	crt.sh
player.adtelligent.com R3	`2022-09-18` - `2022-12-17`	3 months	crt.sh
s.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-09-29` - `2022-12-28`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
static.adtelligent.com R3	`2022-09-17` - `2022-12-16`	3 months	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-10-04` - `2023-01-02`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
ads213.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-10-04` - `2023-01-02`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
aux-log2-sh.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-11-07` - `2023-02-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-07`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2022-09-28` - `2023-10-30`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-10-19`	a year	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-09-06` - `2023-09-21`	a year	crt.sh

This page contains 30 frames:

Primary Page: https://www.stb.ua/ua/
Frame ID: 963C53018889C4C42BB94FAA6FB2EAF9
Requests: 193 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 7569ED70D5272E5F979E6B22F32C1C8E
Requests: 1 HTTP requests in this frame

Frame: https://static.adtelligent.com/static/jsvpaid.js?cb=21092153&vast_domain=https%3A%2F%2Fwww.stb.ua%2Fua%2F
Frame ID: F4CC544BC5905A7A62067E9DC3FABF16
Requests: 5 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-c6ca1c87e308a39aabb76b56ba54398b.html
Frame ID: 9F59046B98FCBD80D91FDDB0085E2083
Requests: 1 HTTP requests in this frame

Frame: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: 393497050D58791967EA7D6625ECBF79
Requests: 1 HTTP requests in this frame

Frame: https://api-esp-eu.piano.io/publisher/unattended/52?wv=122&v=vu.1.99.7-e94fd99
Frame ID: 2E5A10625F4CF0065C2DAEEBBCDF608F
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstetvkzJp0_jVaCJG46PJPAClEICe_GJ_k4pKCQR59fiyPe9LSLOgTJi0hmee1v9SGWQnJfTHn66ZtvkrGzrhB-sTZLJkbZWIIWJ3M9ydtXXAXn7iltfQ4-GGu_YSW-RPFye1nL_QANXqp-soDXB_BHqMv4prbWvgt_B_SwpR_IQag57GXC_jAZxdwdRDKvcPe7bh7yGwiOJg4n959nkuWl6XZ2aprdSuRwSfmQWItLVQA1qOSs8Fyya-6fn6ekYcGWkR-W6WrmfCjPmMGYQ80Zz8Tp1T544-jalqtqLp7wULQvzhvmNOZjJKicbDT98OCMPutVIUOq6wPEnPG-AEB392w3&sai=AMfl-YQlxLRUKiM1hAU-Lhxn3DzJF_NC9aL_vRC1PyCy-p-Nqi5YC37C6hxOwB37rMCOVaK2AnwBaF_YG6lwAjbM2PJo_5w0T2RIxilu80PSQMfV5j7K4RoRvAoFddqi_KYfdA&sig=Cg0ArKJSzBlsPYU91TI2EAE&uach_m=[UACH]&adurl=
Frame ID: 5148F0438F808FB390E9D86DA5BA236D
Requests: 8 HTTP requests in this frame

Frame: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: 88A9B5542FF837F410F9D7CBC9886216
Requests: 20 HTTP requests in this frame

Frame: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: 95CE4550901139A35A349D86B496386E
Requests: 19 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/58302844/SLDS_Outstream_Roll_VErta%26description_url%3Dhttps%253A%252F%252Fstb.ua%26tfcd%3D0%26npa%3D0%26ad_type%3Daudio_video%26sz%3D640x360%257C640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D0%26vpa%3Dclick%26type%3Djs%26vad_type%3Dlinear%26channel%3Dvastadp
Frame ID: FAFB8FECA307CD7C91297C4049F4296C
Requests: 6 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 2EAE80FF010D43231FFC6958955C3B1B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQtJmtAhiZwv7NATAB&v=APEucNVrnNTCHqJAAYslRewdhncs1EnPwxsk7TKaACT6uj3hCWBlaSW97_DbJ1qjwipRTIr4BATBuWXch7DSTPcsX62jB3ol8TAQMpxvc9QkrCAvTi80-Mv6iC1W5cc-4_Ku9VkaVzNvSHQO8JnVT87zCXTdsqDxMK6WTvQAXfDg1H7V18LipNc
Frame ID: 261FF71DA0BE7309484786F20BF93557
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQtJmtAhiZwv7NATAB&v=APEucNVjmK749RREZESqAqcyIlGZQiSR5h7h1bfqZ_REoiOU9H4EuO9kLSHlsgVc8tiyczp4SiD88oHDTv99zSOem2tbC3sM3j1NymnfnyloXoiV8etNhV0xg71k0AekwsBBvqBm399uah1OKDIW70dHxnlyAP-p8uyv50iVb1gJgVwUFKRccuU
Frame ID: 09984C606E41CF6C905AD82806FF0008
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: ECE8BF50C6FA4C9C574C48655B55D9DF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 85F8C81DCCC5535068F27528781AFA8B
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 9631EB5D5B38302224C63B9A09E03B6A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 13875CAF9B698FD3091BC1600CE93EC1
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BE09272B19F7A6DBB8E7F2D4A1E6B83E
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.543.0_en.html
Frame ID: 3EDD961E1DFC07DF758C19180F49A24E
Requests: 26 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3130.js
Frame ID: 23AEB5792D6DEF18533A66DB824A02A2
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 782955656672CF459C6B25B34779A85E
Requests: 9 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3130.js
Frame ID: E15583159671B43AB75CDA0E1B5627E0
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E56764F20367BB892C30FFF54A4342E9
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=uS6dKNySN0&t=1&renderingType=2&ev=01_247
Frame ID: B6B3FD6ECC1CE747DC18B7AB368DEDC7
Requests: 26 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=CHhEeiuXqI&t=1&renderingType=2&ev=01_247
Frame ID: 8CB7D9900060A54A6C7BC48C6378FCB2
Requests: 26 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3130.js
Frame ID: E4A6E60C14E241A2E87CF0E891BE253E
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3130.js
Frame ID: 7AD7E2B7949BD8055E9D6B139B70557A
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js
Frame ID: EBDF331ADB8809E687D3FE8D2253F8AC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js
Frame ID: 676C4DA3EC6C94A1844E37F1EF9B54D5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: C1B8D1C94EE6511A1779F69A6F7793EB
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Телеканал СТБ. Дивитись онлайн відео шоу СТБ

Page URL History Show full URLs

http://stb.ua/ HTTP 301
https://stb.ua/ HTTP 301
https://www.stb.ua/ HTTP 302
https://www.stb.ua/ua/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Material Design Lite (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/material(?:\.min)?\.js

AdRiver (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:adriver\.core\.\d\.js|https?://(?:content|ad|masterh\d)\.adriver\.ru/)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

374
Requests

94 %
HTTPS

49 %
IPv6

40
Domains

79
Subdomains

61
IPs

13
Countries

10602 kB
Transfer

18003 kB
Size

58
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://vikna.tv/
Title: Вікна

Search URL Search Domain Scan URL

URL: https://twitter.com/TVchannelSTB

Search URL Search Domain Scan URL

URL: https://t.me/stbua

Search URL Search Domain Scan URL

URL: https://facebook.com/TVchannelSTB/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/stbua/

Search URL Search Domain Scan URL

URL: https://invite.viber.com/?g2=AQAEyTKlm%2BFr7EkXH3XqNq6Fq5YMfDXXGFuMoFZyx8P99870orQOxD5pN7G51IsF

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/StbUa

Search URL Search Domain Scan URL

URL: https://teleportal.ua/ru/show/stb
Title: Шоу СТБ

Search URL Search Domain Scan URL

URL: https://teleportal.ua/ru/serials/stb
Title: Серіали СТБ

Search URL Search Domain Scan URL

URL: https://ictv.ua/ua/

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://stb.ua/ HTTP 301
https://stb.ua/ HTTP 301
https://www.stb.ua/ HTTP 302
https://www.stb.ua/ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 114

https://segment.prod.bidr.io/associate-segment?buzz_key=adtelligent&segment_key=adtelligent-4&value= HTTP 303
https://segment.prod.bidr.io/associate-segment?buzz_key=adtelligent&segment_key=adtelligent-4&value=&_bee_ppp=1

Request Chain 139

https://ua.hit.gemius.pl/_1668042632531/rexdot.js?l=100&sendf=8&id=zUo6tmLlE4obxevJajbfI_VF31ldd8cn5AHubyWvRSX.F7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.stb.ua%2Fua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=dZR7wQ9KPxqQ75Ftx7HTxMtLIxNeCXw7VWS8nyckl_D.q7baTgK_joJRWH_ufxOjvoYqkCrW0Z_hl2aiy.Ohf1Ys1_y2/nMajvzdKJA3PM/&ltime=301&fpdata=BSOAQt8yV_St_LKVWI8FReH2ysDw2vHZJMQs5ZM501P.B7&inner=_ver%3D330%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap= HTTP 301
https://ua.hit.gemius.pl/__/_1668042632531/rexdot.js?l=100&sendf=8&id=zUo6tmLlE4obxevJajbfI_VF31ldd8cn5AHubyWvRSX.F7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.stb.ua%2Fua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=dZR7wQ9KPxqQ75Ftx7HTxMtLIxNeCXw7VWS8nyckl_D.q7baTgK_joJRWH_ufxOjvoYqkCrW0Z_hl2aiy.Ohf1Ys1_y2/nMajvzdKJA3PM/&ltime=301&fpdata=BSOAQt8yV_St_LKVWI8FReH2ysDw2vHZJMQs5ZM501P.B7&inner=_ver%3D330%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap=

Request Chain 148

https://c.amazon-adsystem.com/aax2/apstag.js HTTP 301
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js

Request Chain 228

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELts2P9U2dNTvBcuPAbJC-E&google_cver=1

Request Chain 229

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y2xPiQIWl1GgX2XpAbBowwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELts2P9U2dNTvBcuPAbJC-E&google_cver=1

Request Chain 230

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOcKXN0zOfdDxi3k_kd76-Y&google_cver=1

Request Chain 231

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE2NTE0NjQ5Njc2MDg1MDg2Nw%3D%3D

Request Chain 232

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELts2P9U2dNTvBcuPAbJC-E&google_cver=1

Request Chain 233

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y2xPiQIWl1GgX2XpAbBowwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELts2P9U2dNTvBcuPAbJC-E&google_cver=1

Request Chain 234

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOcKXN0zOfdDxi3k_kd76-Y&google_cver=1

Request Chain 235

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE2NTE0NjQ5Njc2MDg1MDg2Nw%3D%3D

Request Chain 269

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKy-OlFYft53MpWZMXmVH6g&google_cver=1&google_push=ASkJ3FZa_B0YmJhqe3EctblpjXTgREIeAfi-YUfl3_WHUNnS2Kz7dGwPpUOTVUWs-Bux4mH7oxVGM8yc06yoiyTXql8OTDqyS3LJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjU0NDg3NDMyMDQzNDYxMzc0OQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAsvWNvp9W0qH2Uke_MqqxE&google_cver=1

Request Chain 271

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEJ6DkBh3xEI7ogbSSUlolxg&google_cver=1&google_push=ASkJ3FZ_X_B114nk7zD5PNUfyNVoHVhbrzt0_yiXM_CXyPXp9_8GndKQ8erYXS1kj9vF7zUNKWRShQQYsHdySS67WeCeOmueFV10 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE2NDE4ODU2MTM3MjczOTczMA%3D%3D&google_push=ASkJ3FZ_X_B114nk7zD5PNUfyNVoHVhbrzt0_yiXM_CXyPXp9_8GndKQ8erYXS1kj9vF7zUNKWRShQQYsHdySS67WeCeOmueFV10

Request Chain 272

https://ads.travelaudience.com/google_pixel?google_gid=CAESEIG-V5Yw4lhzx0dwa7ztlu4&google_cver=1&google_push=ASkJ3Fax1X2rRdUskGhvuBWoBJy8ARyjp5eXVdBFp4EmSu6v4CMoaeEOJyhCShuxKao_rdf-UCjoopyur0SpCQJo97kHkcAyRGWT HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=s1-zIiLrTCOTRFztVjkFxQ2&google_push=ASkJ3Fax1X2rRdUskGhvuBWoBJy8ARyjp5eXVdBFp4EmSu6v4CMoaeEOJyhCShuxKao_rdf-UCjoopyur0SpCQJo97kHkcAyRGWT

Request Chain 273

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDB57E2uJIKJyhJEL2pwkcE&google_cver=1&google_push=ASkJ3FazZL5gip0VjtTrsFi6gpXn3CJqVTDVrcE5JPwsTpVb_8sI_Q9xcRaxRQxyGvraLlHjo9P7hVqa_C5WzPxbzRGxkWTuTI6k HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDB57E2uJIKJyhJEL2pwkcE&google_hm=Y2xPiQIWl1GgX2XpAbBowwAACLIAAAAB&google_nid=index&google_push=ASkJ3FazZL5gip0VjtTrsFi6gpXn3CJqVTDVrcE5JPwsTpVb_8sI_Q9xcRaxRQxyGvraLlHjo9P7hVqa_C5WzPxbzRGxkWTuTI6k

Request Chain 274

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEN8LlFwyHHA-7lrIFkTiTDI&google_cver=1&google_push=ASkJ3FYjiMybiQ7opb0tyoXmZDBpRJWdZ8nObOT83NUYxgXwNrJSocSR6u8yx41F043YyClwcnw0PGfxRGeWXCePElgKMUHn9OY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FYjiMybiQ7opb0tyoXmZDBpRJWdZ8nObOT83NUYxgXwNrJSocSR6u8yx41F043YyClwcnw0PGfxRGeWXCePElgKMUHn9OY

Request Chain 275

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEA_fzh4ttGSaqj4_p38TLhI&google_cver=1&google_push=ASkJ3Fb8cTLgathAyaODT1KSgjteUidMzgHPbx4DGamisjHdlhmfDDPVIYUPDQVFjiI6dvI0H7TuHce25WtlUMFR8Etopqanw63i HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ASkJ3Fb8cTLgathAyaODT1KSgjteUidMzgHPbx4DGamisjHdlhmfDDPVIYUPDQVFjiI6dvI0H7TuHce25WtlUMFR8Etopqanw63i&google_gid=CAESEA_fzh4ttGSaqj4_p38TLhI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzA3ODMzMzQ2MTMwNTY5MTQ4NDI5Ng%3D%3D&google_push=ASkJ3Fb8cTLgathAyaODT1KSgjteUidMzgHPbx4DGamisjHdlhmfDDPVIYUPDQVFjiI6dvI0H7TuHce25WtlUMFR8Etopqanw63i

Request Chain 278

https://d5p.de17a.com/cookies/google?google_gid=CAESEBdPud4YtKhPlclWg-wEC4s&google_cver=1&google_push=ASkJ3FaZaDoIM9Kh3lOlJD8swUvY3tghniyejfcgIvfvZe8js5VzqmrEd4a2xyL4RDIhjzOdJ4wcnWtZq71wdKGkynbT1HLKhsQ HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEBdPud4YtKhPlclWg-wEC4s&google_cver=1&google_push=ASkJ3FaZaDoIM9Kh3lOlJD8swUvY3tghniyejfcgIvfvZe8js5VzqmrEd4a2xyL4RDIhjzOdJ4wcnWtZq71wdKGkynbT1HLKhsQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3FaZaDoIM9Kh3lOlJD8swUvY3tghniyejfcgIvfvZe8js5VzqmrEd4a2xyL4RDIhjzOdJ4wcnWtZq71wdKGkynbT1HLKhsQ

Request Chain 279

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKwxriZyEI3LUlCZn8jElgM&google_cver=1&google_push=ASkJ3FZ7nq6WBI4TbSHsxuYJEnNT8P3LXwy0olmHOPHObJrKFo7aWhYDgyzMpFM3HSgPanYjZJxxbV_rijhxGDLJwSwutWIZFg HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKwxriZyEI3LUlCZn8jElgM&google_cver=1&google_push=ASkJ3FZ7nq6WBI4TbSHsxuYJEnNT8P3LXwy0olmHOPHObJrKFo7aWhYDgyzMpFM3HSgPanYjZJxxbV_rijhxGDLJwSwutWIZFg&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=YPvyfuwNQrCD5p17RjblKw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FZ7nq6WBI4TbSHsxuYJEnNT8P3LXwy0olmHOPHObJrKFo7aWhYDgyzMpFM3HSgPanYjZJxxbV_rijhxGDLJwSwutWIZFg

Request Chain 280

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEPZMd4TJ0YaGUqKyUC2HC3U&google_cver=1&google_push=ASkJ3FZV1wwE8PtUAyXwpyD06l6tnrWkPwzw_gsz2xLheHEAsc8wPo5YrFsjBXM0OoGJyB3ELcc6C1QystiiGRsc-KiIyKPwkkI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ASkJ3FZV1wwE8PtUAyXwpyD06l6tnrWkPwzw_gsz2xLheHEAsc8wPo5YrFsjBXM0OoGJyB3ELcc6C1QystiiGRsc-KiIyKPwkkI

Request Chain 282

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEN8LlFwyHHA-7lrIFkTiTDI&google_cver=1&google_push=ASkJ3FYUDfsGmw2e35cWrMWpDUVwzyc2mkGbpQUydOo747y63EiSkRMBAUOliTgL-L1KhKrhN5tS9xQKp2-maGidNPn_ovMJenaY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FYUDfsGmw2e35cWrMWpDUVwzyc2mkGbpQUydOo747y63EiSkRMBAUOliTgL-L1KhKrhN5tS9xQKp2-maGidNPn_ovMJenaY HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 283

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESENRGUGddQBANhQ94gpB_YVA&google_cver=1&google_push=ASkJ3FZ6rhbjQtYcHTwY2dNlMOzhWA4DxyAwB9QoOWf0wLqjJ3Ex4pohcfjusgE5XfIbbZQVwg8qK33mpJXRFcPInq5Cv0Kr_YfQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDE2NTE0NjQ5Njc2MDg1MDg2Nw%3D%3D&google_gid=CAESENRGUGddQBANhQ94gpB_YVA&google_cver=1&google_push=ASkJ3FZ6rhbjQtYcHTwY2dNlMOzhWA4DxyAwB9QoOWf0wLqjJ3Ex4pohcfjusgE5XfIbbZQVwg8qK33mpJXRFcPInq5Cv0Kr_YfQ

Request Chain 359

https://gcdn.2mdn.net/videoplayback/id/d4b9de204613c58b/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1699578634/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/2DC89D797455869D605F42CFD435C87D5F1AB1FB.4A232311613E4C8B22654C6A2278E03C077F309F/key/ck2/file/file.mp4?cpn=h2ULLe0Z9oPcZCq9 HTTP 302
https://r3---sn-aigl6nzr.c.2mdn.net/videoplayback/id/d4b9de204613c58b/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1699578634/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1D0CC285BB6B99D770A5B4E8A84115D0960A0F7F.05003DD24D130CA153DC9E5C2BCACBB4BA9C9047/key/cms1/cms_redirect/yes/mh/_S/mip/2001:ac8:21:e::9/mm/42/mn/sn-aigl6nzr/ms/onc/mt/1668042283/mv/m/mvi/3/pl/48?cpn=h2ULLe0Z9oPcZCq9&file=file.mp4

Request Chain 365

https://ad.doubleclick.net/ddm/trackimp/N797029.279382DBMGODADDY49307073/B24277524.318146541;dc_trk_aid=510873222;dc_trk_cid=97123117;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N797029.279382DBMGODADDY49307073/B24277524.318146541;dc_pre=CKuSv4a3ovsCFcKrewodCJANSA;dc_trk_aid=510873222;dc_trk_cid=97123117;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=

374 HTTP transactions
20 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.stb.ua/ua/
Redirect Chain

http://stb.ua/
https://stb.ua/
https://www.stb.ua/
https://www.stb.ua/ua/

171 KB
45 KB

123ms
123ms

Document
text/html

2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca88bf3e3a0613bf91ea9ed896fe980871bbff340e266126cabfd028a0b20c67

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 767ae8af695f887d-LHR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 10 Nov 2022 01:10:31 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://www.stb.ua/ua/wp-json/>; rel="https://api.w.org/" <https://www.stb.ua/ua/wp-json/wp/v2/pages/46741>; rel="alternate"; type="application/json" <https://www.stb.ua/ua/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q6HUa9Nl%2F5HHrQVUZVpfaxrZcby5y4gNIthTzzWp5QvH0PJnNw3jiiq3DvROL5VDszGaZuimxwYrOYpBdUWOaNNUuP0wp6E7H1OMNHrw9S%2FR1mZDwd784d3BR1BLMCvdI1bs9OdbpiI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-server: 1

Redirect headers

cache-control: no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 767ae8adeeb6887d-LHR
content-type: text/html; charset=UTF-8
date: Thu, 10 Nov 2022 01:10:31 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
location: https://www.stb.ua/ua/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=reCTGga%2BYPOUMz7Fju1V66i5WUHKQSEJx1gV8tmMfZeFjK8RrCu25kJ%2B1Sr%2FFeHdrW0zKuxAF9QsQHwBuuB1CQ3GkLYoVZyI91BurmTvwmtdSEXRNKzfjAaAEl9jKbLqSd41ANXVosA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-redirect-by: WordPress
x-server: 1

GET
H2 200 an_8J_6KDHLIg_G7K2C3ftg6sDI.js Show response
www.stb.ua/cdn-cgi/apps/head/ 9 KB
3 KB 45ms
41ms Script
application/javascript 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stb.ua/cdn-cgi/apps/head/an_8J_6KDHLIg_G7K2C3ftg6sDI.js
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9c2407a5e5f4ee58354ef3ec8527cf4b672a5edb7dbea8ba117927791e4e9e7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
x-amz-version-id: IWjFq.cfZY2k.wvIyyUO.MTXxkOZmDfW
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KV5741AQJ3DZ4KJY
age: 13166633
x-amz-id-2: gOJ3VhcA+RA1tIdGTtgg7LTc7dVkL9Hx0rGxLOwddhCUEEm6pzh8bY1CRasXkYRCMU6EfpA0B9k=
last-modified: Thu, 19 Sep 2019 12:03:19 GMT
server: cloudflare
etag: W/"9e5b364a50a38cfa00e21ceaca0aa095"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3WJCT9eYELD9ofKHpWtaduincKbGZi7pM9gZx6LW8%2BiKudvKUmQC3ktn4IOPd6kHCuEm9Nbmr4p4i5oMf9ic6fEzayjuK4MDGKXMNHY7xYxAlh5x9fCKhR9O%2FNut3Eii9lNM0e62dSk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 767ae8b04a6a887d-LHR

GET
H2 200 ados.js Show response
www.stb.ua/ 19 B
372 B 84ms
79ms Script
application/javascript 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stb.ua/ados.js
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a0f6cf6b4648c192d81b5fc7b70cb2f6819ef4a799e421e8626cae9697aa85a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13166634
cf-polished: origSize=21
cf-bgj: minify
last-modified: Wed, 06 Apr 2022 10:44:16 GMT
server: cloudflare
etag: W/"624d6f00-15"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6T13Mk6ldzKvYIiq3u4h1%2FvtrgoHZdw5Ge9kHIx4kXmnkzsvnJm36B111Y2ssYk163UfipVXr5ov21CrMjTgGas8LYsAt1thVE4NprHaS2oEHR9oxYxjwI60l4QoKSQtyGouqyl4ytg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 767ae8b07a9b887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 134 KB
52 KB 209ms
118ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10784707304

Requested by

Host: www.stb.ua
URL: https://www.stb.ua/ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7f95bfd4f0b3e7cc64a5a5dd2737e5990ff07779bbf1abc3aced4a1dc1144955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52842
x-xss-protection: 0
last-modified: Thu, 10 Nov 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 10 Nov 2022 01:10:31 GMT

GET
H2 200 style.min.css
www.stb.ua/wp-includes/css/dist/block-library/ 87 KB
12 KB 74ms
70ms Stylesheet
text/css 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stb.ua/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 14 Sep 2022 10:28:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4865190
etag: W/"6321acea-15b64"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gieMOgaFXikABEVJOzlGexDTXbFrlKqvWMuI4JD%2BLs59rTXwPzQm2UMWDZSmOuz9gLNGBwkPH8%2FzPqsgbLU1WuxEl2XLYWlbsiHB6qp2ziWXRaCKW%2FPmEZuAf5RxQKrGLs15dj3qBAA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 767ae8b04a6b887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bootstrap-material-design.min.css
www.stb.ua/wp-content/plugins/vandt/assets/css/frontend/ 114 KB
12 KB 47ms
43ms Stylesheet
text/css 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stb.ua/wp-content/plugins/vandt/assets/css/frontend/bootstrap-material-design.min.css?ver=2.0.9
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82a13d78d84bef8c4d761d0d619cbda472dc600f34390bb990fbc2afaf580077

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 03 Oct 2022 16:20:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3224875
etag: W/"633b0bdd-1c665"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FEf3GRT6TQaWWrjjNjJ2GyZ7UDI01k7c17gLIEXSb%2FWz6UhjDS3Bp9%2B00Ps2j1zg8Zi2COPssP9jeZjYdwG%2Bt2oUcE%2BiMDlE34awV0S0ETHmCJiZigCYYVbDzSh%2BlUhf12ayqCTJHbY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 767ae8b04a6e887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ripples.min.css
www.stb.ua/wp-content/plugins/vandt/assets/css/frontend/ 988 B
594 B 52ms
47ms Stylesheet
text/css 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stb.ua/wp-content/plugins/vandt/assets/css/frontend/ripples.min.css?ver=2.0.9
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12868a14f253a4b0f3adc6b2cc61ccf92d0e6970c7dd34e6eb76cf198ec4d10b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 03 Oct 2022 16:20:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3224875
etag: W/"633b0bdd-3dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2FxyRP%2FiG94BiBF3NMFA2rbTmf%2FQJgmeNiPcwF4yTV%2FqHIsECtFuCh1csnP26DWM4NySCpghqaspADiDz%2BLdzLXz2AsnjEGU5nN427yiP5xcqtgzY8pxcqylfUzRhsebjpfdwblLR7o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 767ae8b04a6f887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 material-icons.min.css
www.stb.ua/wp-content/plugins/vandt/assets/css/frontend/ 668 B
670 B 45ms
41ms Stylesheet
text/css 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stb.ua/wp-content/plugins/vandt/assets/css/frontend/material-icons.min.css?ver=2.0.9
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a803a843e08672d32a7a99457ff0f2f5d341c99c9a8ea11600f64a67bd744e6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 17:49:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1019573
etag: W/"635ac49d-29c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FO63rJk2fNKks%2FOFjv9IFi%2B9sbTR2QvPpw%2FD0jqoW%2B0Ha8XH17D20CKj1u3L8tPlZQcFgubhBz1HgCBTWnsxmv4vAGFY9j0oaXx6IZ6gZZEWy7GIQ4tLNXnpSZ8POY8Bp8l5rPSpfp8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 767ae8b04a71887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 main.min.css
www.stb.ua/wp-content/plugins/vandt/assets/css/frontend/ 19 KB
3 KB 51ms
47ms Stylesheet
text/css 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stb.ua/wp-content/plugins/vandt/assets/css/frontend/main.min.css?ver=2.0.9
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b417a20e23f64ffbc4c0416c1279e0428d8120a16754c5061169fad23359e878

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 03 Oct 2022 16:20:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3224875
etag: W/"633b0bdd-4a19"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XXvmT0de6x%2F7VBpNUO5PxFhOvcAT1Di9EGCxLv6kyIlodQnT%2B3wnos%2B3pMuaQw7IItRgt7%2BSPSXNcBMSAHJi2AfWfz7XSQIIBsXY5hBqzODqrEMYfQt%2Bv6YskOKwtB152ys5AS57yx4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 767ae8b04a72887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
www.stb.ua/wp-content/plugins/constructor-tv-programm-bootstrap/css/ 5 KB
2 KB 50ms
46ms Stylesheet
text/css 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stb.ua/wp-content/plugins/constructor-tv-programm-bootstrap/css/style.css?ver=6.0.2
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fc8570984d18a398933d0fce769e2072219b9f4527660a36305481d392cd84f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4865190
cf-polished: origSize=7014
cf-bgj: minify
last-modified: Wed, 14 Sep 2022 10:28:51 GMT
server: cloudflare
etag: W/"6321ace3-1b66"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FhXnlPLZH5L0m0KuorXCz%2BDfssoDSOG9voB7r1QnJV00g8bAub1sORoY77Awd4fXB8Xk2%2BrllGe%2FcSJCq7wSGffrGrb%2FyNRz4MrTORfCIqPUarcE1%2BDBs4zUXZBE%2FpXoaGsLeNIP0ak%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 767ae8b04a74887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mistape-front.css
www.stb.ua/wp-content/plugins/mistape/assets/css/ 11 KB
2 KB 73ms
69ms Stylesheet
text/css 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stb.ua/wp-content/plugins/mistape/assets/css/mistape-front.css?ver=1.3.9
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4166545c138b6f6e0cf23bc329d01690225001cff8377c2e0ad2aabf8580a943

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2014488
cf-polished: origSize=17124
cf-bgj: minify
last-modified: Thu, 13 Oct 2022 10:16:44 GMT
server: cloudflare
etag: W/"6347e58c-42e4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H99uFgKlqDF%2BZlA4XzKeU3N8GGQO1miSXovqUc%2BZ8RBRC9Mr0DNAShLRMZ%2Fq8zOyLHznl7IJpRxTfm2bCVeI9pch42iI4XOQXJekrxfuLK%2BloEkNgBB0EpZUTChq0pC5dRXAsl%2BhEgs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 767ae8b04a75887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 amrusersfront.css
www.stb.ua/wp-content/plugins/amr-users/css/ 5 KB
2 KB 51ms
48ms Stylesheet
text/css 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stb.ua/wp-content/plugins/amr-users/css/amrusersfront.css?ver=6.0.2
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c89d926f01b28e431fdf4d7ba7c5b5e3ed2562abc93321f37e4306a642bee72e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4865190
cf-polished: origSize=8823
cf-bgj: minify
last-modified: Wed, 14 Sep 2022 10:28:51 GMT
server: cloudflare
etag: W/"6321ace3-2277"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4cKdWblrlJs2XKuUJWfHN9QFdEzFAV1F7w%2FQZLiiN254Gw8voQ39Vk5IGiWQ9hDDFblIq%2FjUYxIbEv4cf6A7Pj%2B6TLBBJK%2BzxLTHmCmcvF%2B8MQlds15yJk6sOJ3LquE7tZpMyYyJ22o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 767ae8b04a78887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dashicons.min.css
www.stb.ua/wp-includes/css/ 58 KB
35 KB 52ms
48ms Stylesheet
text/css 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stb.ua/wp-includes/css/dashicons.min.css?ver=6.0.2
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 14 Sep 2022 10:28:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4865190
etag: W/"6321acea-e688"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8xAkXn5NF61eIYd47YlQ9jgaY%2Fxy%2BVUVaXBm%2FN9vu84YwWeftmKPjdrLN5HJk7UZXraqElNU39qj7X0QRs67DIwVuMX5SfCuup4Sp3dvfqDZQOIJQXAIYEbP4hH1riN0nxzj4QEM9yQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 767ae8b04a79887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
www.stb.ua/wp-includes/js/jquery/ 87 KB
32 KB 78ms
75ms Script
application/javascript 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stb.ua/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Nov 2022 11:29:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 664698
etag: W/"63610306-15db1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WpKopvrSRl%2FyfjqHmW%2FQJMB864Zyd6kHT9tVi3949ZiNVlszSVBs6ZU5o9Kby83CR8Ux5gWZ7avU0gcc0gnBEqN3%2FHVeX8E5i%2BsuGBPMETB%2Fxkw7PC%2BtI1LW7LFVKS8Yg3n%2F4xuTHxk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 767ae8b07a9e887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.stb.ua/wp-includes/js/jquery/ 11 KB
5 KB 79ms
75ms Script
application/javascript 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stb.ua/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Apr 2022 10:44:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 13162603
etag: W/"624d6f24-2bd8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YogVKjjf6QiSYB8I9QRPd%2BwrSI859EuG1suizSUJMBPJGrCBf4Vm5GdltztD2cKzV6dvO%2BPx9OdaUYh0TFvMNEBuQky3j0ju4D6ECg%2FMV4CiNnt0cN7w4oeA%2BSmKtJ%2Fgi6YBqOFn5oc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 767ae8b07a9f887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 circle-progress.js Show response
www.stb.ua/wp-content/plugins/vandt/assets/js/frontend/ 4 KB
2 KB 78ms
74ms Script
application/javascript 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stb.ua/wp-content/plugins/vandt/assets/js/frontend/circle-progress.js?ver=2.0.9
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c2c85754d9483addaf3d128e7b28516f9ec28eb01d0c8de8d9fe6e4498e1628

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1145393
cf-polished: origSize=4446
cf-bgj: minify
last-modified: Thu, 27 Oct 2022 17:49:17 GMT
server: cloudflare
etag: W/"635ac49d-115e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ALDpPe4N3b3%2FKtWZ9y98EMIGYSw7ECEgXcrTk1nryxzVVa%2FH6hMLfkdPyhvaOWVqdnnsH4vIl5VbPUDNROyNxK2fPFw66x1jiptVOk21uxqygap3Zncum6xvOUEoycUSIb9dmMkZkLo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 767ae8b07aa0887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ripples.min.js Show response
www.stb.ua/wp-content/plugins/vandt/assets/js/frontend/ 3 KB
1 KB 82ms
79ms Script
application/javascript 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stb.ua/wp-content/plugins/vandt/assets/js/frontend/ripples.min.js?ver=2.0.9
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce487a64fbd92ab717241ae535b45a8bc008ac7db0fcc43f4033c4086344bd27

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 03 Nov 2022 10:25:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 501679
etag: W/"6363971f-aa7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WFRCXVyXhyWXa%2F6435q%2BulS4pAkMqJh1muYLlxHUN6NPYTjqbUUmM3s%2BwTz6KESnZAAj2a1MUYLpm04LoLNLDNTJ4t%2FxD7W8Za0%2BBc4bhTiAEMOzQhZsJdibejQMT4lBmrKbc6NdkOg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 767ae8b07aa1887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 material.min.js Show response
www.stb.ua/wp-content/plugins/vandt/assets/js/frontend/ 5 KB
2 KB 82ms
79ms Script
application/javascript 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stb.ua/wp-content/plugins/vandt/assets/js/frontend/material.min.js?ver=2.0.9
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58cc61823190fe6cc648d14c521055c3801484b5d74604aaa016e97cbf926775

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 13 Oct 2022 10:16:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1837283
etag: W/"6347e58f-15a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hEQlR9GK%2FL9NhsceYuJUkXp93szdFq1QTBdX32r%2FQ%2B0JIcFmXAwnwAeC%2F06NzL1RnHKmGrSH1%2Bb26ur5PxROyxhol4ZLc0iBiB5vOe%2BxTmGUHrvNfkFrcVWTISyeJP6L2TyVuG1NLgs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 767ae8b07aa2887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 main.min.js Show response
www.stb.ua/wp-content/plugins/vandt/assets/js/frontend/ 5 KB
2 KB 77ms
74ms Script
application/javascript 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stb.ua/wp-content/plugins/vandt/assets/js/frontend/main.min.js?ver=2.0.9
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b9d7ff6a6daab1c98178bd718153f59e0d9cdd9c9877f983c3ccb040d2ed602

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 03 Oct 2022 16:20:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3224875
etag: W/"633b0bdd-128d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KlCX%2F%2BE0t1RwmdQ5iGERokoYT8dTM0iQT39L%2FPGpwRUDWyL469P4l9RXZh8nNHLzNtotlcIKldLRPPA7hhnHdffmXMF0LyVv1L1IoWu7XcaZ8M5MRV6LvxznPAyxBjqgnQRY8vw5OiY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 767ae8b07aa4887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 constructor-tvprogramm-widget-bootstrap-front.js Show response
www.stb.ua/wp-content/plugins/constructor-tv-programm-bootstrap/js/ 292 B
480 B 78ms
75ms Script
application/javascript 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stb.ua/wp-content/plugins/constructor-tv-programm-bootstrap/js/constructor-tvprogramm-widget-bootstrap-front.js?ver=6.0.2
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ec28ecc264ed505f506b9e3ca44a2f680be2d3e386b94aee0153549a89ecddb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4865190
cf-polished: origSize=322
cf-bgj: minify
last-modified: Wed, 14 Sep 2022 10:28:51 GMT
server: cloudflare
etag: W/"6321ace3-142"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LribW3Y5zkUYTRBoD%2BfDCHSWWgsMc71%2Bm%2FPPcTQ6s%2Bsc8eHSM0tvXBaK8xDteqVo0pzC%2FE%2Fe1MXeNzSTfvvR1f2MW%2B6CcYNbF5bkfOf5bcFBp5p61LNjIf4P0O%2FKtwHheVhgTCTTePc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 767ae8b07aa7887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adriver.core.2.js Show response
www.stb.ua/wp-content/themes/STB_New/old/includes/js/ 5 KB
2 KB 78ms
75ms Script
application/javascript 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stb.ua/wp-content/themes/STB_New/old/includes/js/adriver.core.2.js?ver=6.0.2
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f3281cda8ac9907bbaed522d207ae16007514a2e5c885f6f73e6be08eb693b8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1145393
cf-polished: origSize=6068
cf-bgj: minify
last-modified: Thu, 27 Oct 2022 17:49:19 GMT
server: cloudflare
etag: W/"635ac49f-17b4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e0tMnqFHzR1BjxdUdcIKN1TEaQWDyhDOjWhoc0Ofqga8QS4vEgBP6kXLxaKnOwjLUgv2052kxPUcLJh13HXM0oy7dWKdPm7UhGOEoViVzKePtD8%2FYQyOygwNaicBspv2KCUHZUvjiSc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 767ae8b07aa9887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 core.min.js Show response
www.stb.ua/wp-includes/js/jquery/ui/ 20 KB
7 KB 82ms
80ms Script
application/javascript 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stb.ua/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 14 Sep 2022 10:28:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4388351
etag: W/"6321aceb-50eb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=43IWlfTxlPTEypFOiiUv3cZf%2FywaImI8qAo0qusiO7znIdUoLcwYDPnRfIVocVNeZedn7X8qFQesGF2Scl%2B4GM4RAw%2BdhoYDLxKvKIRB38qlwAOMW2PeE6TISuWFNlgdC8pMLnGknXA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 767ae8b07aaa887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mouse.min.js Show response
www.stb.ua/wp-includes/js/jquery/ui/ 3 KB
1 KB 82ms
80ms Script
application/javascript 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stb.ua/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c4dcab706e6bf67c64df89d3f5e137cb19efa293771613f511aff1ad563a6df

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 14 Sep 2022 10:28:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4865190
etag: W/"6321aceb-d53"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2BJ0bL65BOfwT1%2FMXj5wLtIxDoxpC1z2L2rdBQWWUdMl8jehVzLDkGOXSVX9YZkTqcEbitXxbpGdeE9kVdvgqh5p60DUlSFeTKUkNFZNpDWYM3IjiSYrmdHQAaXL%2B3hYak0nQkXCV1k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 767ae8b07aac887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 draggable.min.js Show response
www.stb.ua/wp-includes/js/jquery/ui/ 18 KB
5 KB 83ms
81ms Script
application/javascript 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stb.ua/wp-includes/js/jquery/ui/draggable.min.js?ver=1.13.1
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b934f3213c33c849410d6edf4fa6f85f970839503d462d94413bd8c15a2e106

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 13 Oct 2022 10:17:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1837283
etag: W/"6347e59c-4797"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lULFJWNo1Gn3kWBBHPkRzmElShVatfFlTGRZFBJ%2Fm7V%2FFs3wL7Tk5SKIXGVdFwkIpu6Jc%2BxT7kc7csD6oyHpF0c88ZBuIduCOTC6SS8dXZU3az90lHtrh03tuKgNZ96J3wsdMti0%2FYk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 767ae8b07aae887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 droppable.min.js Show response
www.stb.ua/wp-includes/js/jquery/ui/ 6 KB
2 KB 87ms
85ms Script
application/javascript 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stb.ua/wp-includes/js/jquery/ui/droppable.min.js?ver=1.13.1
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3a015f250093ba41c36da57625051930eada74b0bb8d61b7e0c6fef36952317

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 14 Sep 2022 10:28:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4865190
etag: W/"6321aceb-19fb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n6VmvjDJB5ill1ZvK2PrXNDvt%2BRSHQmZewSTiR4Cz5aC%2BrL9QL68KGH246gZPJYX970I8Rzbo3Voohu2xJd3qn2kuvx6mWMQ%2Bhv%2Bv8BlV8BscF8q86dDP961x%2B%2FBib%2FqzlLei9Y0z98%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 767ae8b07aaf887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 moxie.min.js Show response
www.stb.ua/wp-includes/js/plupload/ 86 KB
28 KB 87ms
85ms Script
application/javascript 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stb.ua/wp-includes/js/plupload/moxie.min.js?ver=1.3.5
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18e3c3ca1e5a657dc68553f36e79e42b5db706d063b825cd1a0ee121c8eef799

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Apr 2022 10:44:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 13162723
etag: W/"624d6f25-1566c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HFpdtTPybL3J%2FA0737HSRbemTxonTbR6eu%2FB6%2B5Y0mdRjwEiSfNA%2BlbkPO1wcEtqU4FtMx5e%2F3yHHYajGQtKITuyakanZaJK%2FdZwyCPWoJl3f65fYr6D8VLVMVDim1IvDMlPYWMWm%2Bo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 767ae8b07ab1887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 plupload.min.js Show response
www.stb.ua/wp-includes/js/plupload/ 15 KB
6 KB 82ms
80ms Script
application/javascript 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stb.ua/wp-includes/js/plupload/plupload.min.js?ver=2.1.9
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 416211f730a5a0ff81eb5a9a80c7f22ff932478e0024a3bfd30d685019176c39

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Apr 2022 10:44:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 13162602
etag: W/"624d6f25-3cfc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9WMCUfJYtgn8FTpVk9oY28R0Fwfsadyvni928Q5pdIoJpxdIyl1MckaGsvsHgJdM2cSTefhHBnAGvi9%2FIwgvv%2FFiUmd2rPVX%2BdOGs0BgkNontwG96wjJW6Zx3FWcduAC6dOCIW%2BqJGk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 767ae8b07ab2887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 form-builder-shortcode.js Show response
www.stb.ua/wp-content/themes/STB_New/old/includes/js/ 7 KB
3 KB 82ms
80ms Script
application/javascript 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stb.ua/wp-content/themes/STB_New/old/includes/js/form-builder-shortcode.js?ver=6.0.2
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e97d32b2c3724497f35385a463e23d0a274b6bb9260964cb3b95dfefa2c2672

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4865190
cf-polished: origSize=16462
cf-bgj: minify
last-modified: Wed, 14 Sep 2022 10:28:57 GMT
server: cloudflare
etag: W/"6321ace9-404e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dDIm7suaXVophOcZHEUfRL3kHoDcQo%2F46tnBtn1Yk8p4Z79hHK%2FjprZmpAseSd6PgeEUES4PhTJmVBM%2Fh42Yfcd2KJ6mf95YcyC9epszBHKrnI7jlxlF6jv6vHeLp3roCtAnhDgBnok%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 767ae8b07ab3887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tanci_medium-size-for-al-proj_300x227-copy.jpg
www.stb.ua/dance/wp-content/uploads/sites/4/2022/02/07/ 24 KB
24 KB 45ms
45ms Image
image/jpeg 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stb.ua/dance/wp-content/uploads/sites/4/2022/02/07/tanci_medium-size-for-al-proj_300x227-copy.jpg
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65097e01a4225474d104521446973cdbc9e3a3f59e197993d03e9ec98b2ead6b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7219106
cf-polished: degrade=85, origSize=127600, status=webp_bigger
content-length: 24264
cf-bgj: imgq:85,h2pri
last-modified: Mon, 07 Feb 2022 13:19:18 GMT
server: cloudflare
etag: "62011c56-1f270"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gN4apEgagT11AUnIWhbsho77ylgahFBkwgXbCcXd4OJGDlZMtGI6KdqiBKhRUoP7KEBA5ZhKtV8epwNZbOvSBDSFw1IZgF3qahtSi3GZIQJkz45FqKxLUx4e1T0nnDB2HHD1PWt0naM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 767ae8b27d3f887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 220x312.png
www.stb.ua/masterchef/wp-content/uploads/sites/6/2020/08/25/ 88 KB
88 KB 44ms
43ms Image
image/webp 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stb.ua/masterchef/wp-content/uploads/sites/6/2020/08/25/220x312.png
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1bf55236532b110e5bdeb7d10e0ba651bf46b46700e1d18ecfe78d56d8ee166

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 496175
cf-polished: origFmt=png, origSize=131196
content-disposition: inline; filename="220x312.webp"
content-length: 90042
cf-bgj: imgq:85,h2pri
last-modified: Tue, 25 Aug 2020 14:42:16 GMT
server: cloudflare
etag: "5f452348-2007c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gRXjiJgLQS4g8A5Y6sb9fRzvYsCT9ZkxtahfEpzu%2FLpyMoWe%2BfXbwzlxSFKkdy4SuSsBWyAbLTS0w64uN8aKxJJbuapWU9lexv1zbO1PsOS5lLK1UiHU1kvNgGR6gMxW71WYZk31%2BPM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 767ae8b29d64887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 hlst11_site_300x227.png
www.stb.ua/holostyak/wp-content/uploads/sites/19/2021/01/29/ 187 KB
188 KB 40ms
39ms Image
image/webp 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stb.ua/holostyak/wp-content/uploads/sites/19/2021/01/29/hlst11_site_300x227.png
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0e8d1ea6c7c69bb12c7b123ce18bb645b8bd604fb95d546c2aab02688173af4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 629908
cf-polished: origFmt=png, origSize=289906
content-disposition: inline; filename="hlst11_site_300x227.webp"
content-length: 191862
cf-bgj: imgq:85,h2pri
last-modified: Fri, 29 Jan 2021 14:11:21 GMT
server: cloudflare
etag: "60141789-46c72"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PXbHNpro3LKCwcPTKeApvjuQTnUIV1p%2Bt3PWBAdlOzkd6V%2Bcwgvt77V39oR8%2F8YzxJRhsNBYFFyLJG6tzwk9EOouLqaWQZ4HiEsPflKg%2F9gELI9Q1281ykyHID%2FlRrx6sRURNoJR%2Btk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 767ae8b29d65887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 DNK__website_300h168.png
www.stb.ua/dnk/wp-content/uploads/sites/760/2019/10/09/ 64 KB
64 KB 40ms
40ms Image
image/webp 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stb.ua/dnk/wp-content/uploads/sites/760/2019/10/09/DNK__website_300h168.png
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6964b2c81d38d9edf5f70ff0e2d0c26f30b9b0396fb2665f82803c585c268492

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1310350
cf-polished: origFmt=png, origSize=81820
content-disposition: inline; filename="DNK__website_300h168.webp"
content-length: 65374
cf-bgj: imgq:85,h2pri
last-modified: Wed, 09 Oct 2019 09:23:17 GMT
server: cloudflare
etag: "5d9da705-13f9c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o8mEsLt3yEjHnqmoKi7uysCUeHxuQOG6etvFNBieyYb9WRaf9xgVnj6xtqTdaXuyb0w1I%2B9Nh8WfwH5neMtw9MT5HGh%2Bh64V7C5o38LDM8h0w8b3BLqT3fPMbELUbj2dAEfKmk8zJGA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 767ae8b2ad6c887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 kmd_300x168.png
www.stb.ua/wp-content/uploads/sites/91/2018/12/02/ 87 KB
88 KB 37ms
37ms Image
image/webp 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stb.ua/wp-content/uploads/sites/91/2018/12/02/kmd_300x168.png
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 916ac6ed805a3b0bc053064a739037a1137ef6ada0f9f05793a045399b4b0e78

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 628218
cf-polished: origFmt=png, origSize=106050
content-disposition: inline; filename="kmd_300x168.webp"
content-length: 89418
cf-bgj: imgq:85,h2pri
last-modified: Sun, 02 Dec 2018 09:39:57 GMT
server: cloudflare
etag: "5c03a86d-19e42"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mxizaSxKVNGAPQIQ1ohXMFbZjvbjeELbVT4m%2BAo1Z0hLuoKRbPLaKDKv8EaaBMO%2B0rRnVQt231Hrq0wDZPo0ZbQgpapb5HTko9KIA52sUD8XrqkArV4YWVDOuXlkdFQ1SsmG%2BFuv%2BGE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 767ae8b2bd81887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 detektor-brehni_300x227.png
www.stb.ua/dnk/wp-content/uploads/sites/760/2020/08/25/ 59 KB
60 KB 40ms
40ms Image
image/webp 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stb.ua/dnk/wp-content/uploads/sites/760/2020/08/25/detektor-brehni_300x227.png
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 794627d23fa3466c025ce236b7f95bbaea3815321b07e6d1191d5b4754f63285

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4430291
cf-polished: origFmt=png, origSize=93062
content-disposition: inline; filename="detektor-brehni_300x227.webp"
content-length: 60782
cf-bgj: imgq:85,h2pri
last-modified: Tue, 25 Aug 2020 14:28:58 GMT
server: cloudflare
etag: "5f45202a-16b86"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n3k3kUw%2BNDDaPpJhnWTtSZ3OclhQLz4O1nwZbmwgOw%2B1BBOXWN2gzxWtEQA1TIn5depFXkslkX%2B8x2jSo5OWKNqWVb2CajqwKhNy1xdbeG%2BqmA325xaN%2FD15xG22LmOhDGtfe%2FNg6jI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 767ae8b2bd9b887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 shaslivi-za-7-dniv_medium-size-for-al-proj_300x227.jpg
www.stb.ua/shchaslyvi-za-7-dniv/wp-content/uploads/sites/772/2021/12/01/ 5 KB
6 KB 42ms
41ms Image
image/webp 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stb.ua/shchaslyvi-za-7-dniv/wp-content/uploads/sites/772/2021/12/01/shaslivi-za-7-dniv_medium-size-for-al-proj_300x227.jpg
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97a843394d321d07d9b603a40c0eff9ce38d9e058ac8b88617095bf8624712bf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 668520
cf-polished: qual=85, origFmt=jpeg, origSize=40434
content-disposition: inline; filename="shaslivi-za-7-dniv_medium-size-for-al-proj_300x227.webp"
content-length: 5226
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Dec 2021 09:37:08 GMT
server: cloudflare
etag: "61a74244-9df2"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sKSYA8hLSBOHhYexZcvI7p%2ByHokv%2BuBhaEExlNNwNV9JiLBeW40FqG1zFKwM3Rdx2Jq%2F%2FEWI4zghJUPUSbgYCu4EJPu8XAO%2BsKuZYzfqFDPa1ue1j8M9CzktsHHdtKQRTdNqh5MIWkw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 767ae8b2bda0887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 220x312.jpg
www.stb.ua/masterchef/wp-content/uploads/sites/6/2022/07/20/ 5 KB
5 KB 38ms
37ms Image
image/webp 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stb.ua/masterchef/wp-content/uploads/sites/6/2022/07/20/220x312.jpg
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f647b8ca08ed8cb859560c6750c5157e7bd7ed7d83d374162bbe90609e5fa556

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 619864
cf-polished: qual=85, origFmt=jpeg, origSize=29490
content-disposition: inline; filename="220x312.webp"
content-length: 4760
cf-bgj: imgq:85,h2pri
last-modified: Wed, 20 Jul 2022 15:44:08 GMT
server: cloudflare
etag: "62d822c8-7332"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XlNEu%2BdOHLJ%2BRGhRRpqcS8gV2J72CU%2BWQEHNltCuRP00%2FI1FvAZgJWWYpxOTQLGMJpOzdWg1aRbcn9fqM9BPxN%2BcT0bPVbfjbJKmqf0RDmbkj%2FZ3QMMuDb8WjRkYCGw8iRPzh9qQfNI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 767ae8b2ddc3887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 300x227.png
www.stb.ua/yak-ty/wp-content/uploads/sites/783/2022/06/15/ 43 KB
44 KB 42ms
41ms Image
image/webp 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stb.ua/yak-ty/wp-content/uploads/sites/783/2022/06/15/300x227.png
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 984878b4ed891c1b5aed3680d0d4d2297f8a4bba2710e7856b007dcdb22d5984

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1213995
cf-polished: origFmt=png, origSize=65448
content-disposition: inline; filename="300x227.webp"
content-length: 44194
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Jun 2022 10:41:16 GMT
server: cloudflare
etag: "62a9b74c-ffa8"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RNL3KCh5OwovuC3GuzfXq1y7imv6ZSPWRhGz7%2BRL03I84jRWaSZZtRgUZ%2FE0nq9CdeNwRxc2tdi3dQItOqyb4rPIIZRzK4yr52Q7cd36m0P8ZcogKt%2B6JQgrVQmQuiBgevv925buodM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 767ae8b2edc7887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SERIAL_medium-size-for-al-proj_300x227.jpg
www.stb.ua/serial/wp-content/uploads/sites/26/2021/11/22/ 3 KB
3 KB 42ms
42ms Image
image/webp 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stb.ua/serial/wp-content/uploads/sites/26/2021/11/22/SERIAL_medium-size-for-al-proj_300x227.jpg
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bbfc1a5f89db4ea1d80b72c17542bfe74835b74bea163f67f0f50f1e28f2ff8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 635447
cf-polished: qual=85, origFmt=jpeg, origSize=23666
content-disposition: inline; filename="SERIAL_medium-size-for-al-proj_300x227.webp"
content-length: 2980
cf-bgj: imgq:85,h2pri
last-modified: Mon, 22 Nov 2021 15:46:12 GMT
server: cloudflare
etag: "619bbb44-5c72"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bjIzVKuilrodsE7fjdUaLMerWX9K3xo2NOY8jHe%2FkDi9rj2rrqOWvnFATKyZqF%2BBSj4T%2FeEpfhlPDDdxpyFpKUAH0a%2FoFJP2CDDRI5A7DsdhERcIUU%2Bmcl%2BYsIbPym4mHElO89APeCw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 767ae8b2edca887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 slide-1.png
www.stb.ua/wp-content/uploads/2022/10/31/ 377 KB
378 KB 50ms
50ms Image
image/webp 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stb.ua/wp-content/uploads/2022/10/31/slide-1.png
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9015799c23516f82b01bf66c82d801c174581c9a2ee3ee9059b8f26d9e4a07bc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 833246
cf-polished: origFmt=png, origSize=614943
content-disposition: inline; filename="slide-1.webp"
content-length: 386304
cf-bgj: imgq:85,h2pri
last-modified: Mon, 31 Oct 2022 09:25:08 GMT
server: cloudflare
etag: "635f9474-9621f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7i0BrvzZKt%2BCTnijupHtXdZ0yg43xeYDg%2Fj1KKq3sHOj8w6TpRNhXiQjgGyjQMNzoWqgBN0Vq1KpfK9dy%2B308wKXWiHQhsx2sC1ae4j8vTQ5TMB6LyWj6YGZPEtM%2FBPkGijQ7G3Q%2Fbc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 767ae8b14bd0887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 slide.png
www.stb.ua/wp-content/uploads/2022/11/07/ 421 KB
422 KB 40ms
40ms Image
image/webp 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stb.ua/wp-content/uploads/2022/11/07/slide.png
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5d76c4350fd6291d9fb0a40923248d7cddaa6ad0ac1cdcb21cabe27b2d0b080

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 206264
cf-polished: origFmt=png, origSize=744722
content-disposition: inline; filename="slide.webp"
content-length: 431196
cf-bgj: imgq:85,h2pri
last-modified: Mon, 07 Nov 2022 11:16:27 GMT
server: cloudflare
etag: "6368e90b-b5d12"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KiuBsjIr23sEw%2B0%2B9e56bnjhvtInekdq3igYNiHVILGBmsXoO4UUWQe7B2Pd3Gs4%2FCAy6IynGmo0dc7YpJZyJxQs726b3500JGLv1nF4Pw5bwkRa27ctwntql4WO4JiCN%2Fiyn1iKcRY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 767ae8b14bd2887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 slide-1.png
www.stb.ua/wp-content/uploads/2022/10/07/ 860 KB
862 KB 39ms
38ms Image
image/webp 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stb.ua/wp-content/uploads/2022/10/07/slide-1.png
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 972babe3c9374daa3aca7cc88e204de9491981aa68ced699f21234acf2c70bbf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1019373
cf-polished: origFmt=png, origSize=1218374
content-disposition: inline; filename="slide-1.webp"
content-length: 880838
cf-bgj: imgq:85,h2pri
last-modified: Fri, 07 Oct 2022 11:49:18 GMT
server: cloudflare
etag: "6340123e-129746"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JyU41dIXBYkXzy03BVWCuKIN%2BRGj8o0zZQJrDfNgtw4bxKfq3uqdTKiaSAGcvTw7ltCktp3rHklD0zQxtr6r4TAw765uv%2BzRWMBvvXUcFjKS8CSBL7PLs3HeCY87mUFq4vOfget13T4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 767ae8b2fdd5887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 slide-1.png
www.stb.ua/wp-content/uploads/2022/09/07/ 331 KB
332 KB 44ms
44ms Image
image/webp 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stb.ua/wp-content/uploads/2022/09/07/slide-1.png
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50554cc3fcf176ac6e72c8c872cc3502dc9f52c80b5036c991ff50509c042fca

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1355693
cf-polished: origFmt=png, origSize=550453
content-disposition: inline; filename="slide-1.webp"
content-length: 338914
cf-bgj: imgq:85,h2pri
last-modified: Wed, 07 Sep 2022 11:18:06 GMT
server: cloudflare
etag: "63187dee-86635"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Res%2Batehrq4KLN%2BMT53QWrsdlxeYnr80aiyMXcFkm7EeS%2FMxBEUbGbf6B0uOsepkZw9fT1pI%2FmcF2Womkiq3Kge7jkVAvQFvHNhRDypf0J0oa5YsaoEfrtduCiSId%2Fy6lrhwdIy9G5A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 767ae8b2fde4887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 slide.png
www.stb.ua/wp-content/uploads/2021/12/24/ 480 KB
481 KB 52ms
51ms Image
image/webp 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stb.ua/wp-content/uploads/2021/12/24/slide.png
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 064af7f5c0ba01235635fb0cd5a75db8743cff72484252a4cc02bca699f79987

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 628376
cf-polished: origFmt=png, origSize=854110
content-disposition: inline; filename="slide.webp"
content-length: 491404
cf-bgj: imgq:85,h2pri
last-modified: Fri, 24 Dec 2021 09:42:39 GMT
server: cloudflare
etag: "61c5960f-d085e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z5ct2FZzCS%2FY3Qq%2BHz0lyQgLR9ZL%2FTpVm6nita%2Fw4ijHdipwbWVPk73ulyTbK2WgsqIvnFAn1bDdg1f4OTdQjy7F5hAEXKI4WId%2Fh4YbyCd1Scod0OucPAI86m7YaZJd0%2BEaQs7lq4o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 767ae8b30de7887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 slide-1.png
www.stb.ua/wp-content/uploads/2022/09/23/ 425 KB
426 KB 44ms
44ms Image
image/webp 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stb.ua/wp-content/uploads/2022/09/23/slide-1.png
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 229ead6e8dbb72ffc917b0b212824ee4d6b1848d15e62c8d03c42972f5107e50

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1355693
cf-polished: origFmt=png, origSize=760758
content-disposition: inline; filename="slide-1.webp"
content-length: 435456
cf-bgj: imgq:85,h2pri
last-modified: Fri, 23 Sep 2022 10:11:44 GMT
server: cloudflare
etag: "632d8660-b9bb6"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6x%2FY2Man%2F3hsroQEKbW%2BsFDoHJe7L%2B34RKhqHBvmyPlFi6jklSqU6etQ480XsJWQjdM%2B5oY1jVn8OJ%2Fm38RxfMBpVKEJ9%2FN6YcNwRuvfJRB9GQoH8csSc1fB%2B4lFWq1raIScslPXsqA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 767ae8b31e0b887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 slide.png
www.stb.ua/wp-content/uploads/2022/07/04/ 575 KB
576 KB 42ms
42ms Image
image/webp 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stb.ua/wp-content/uploads/2022/07/04/slide.png
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e01fd8c8326e8bee7dc6d9cd25bda8cbad3e225989c1492f169e8e949fd3aad

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 488185
cf-polished: origFmt=png, origSize=924356
content-disposition: inline; filename="slide.webp"
content-length: 589270
cf-bgj: imgq:85,h2pri
last-modified: Mon, 04 Jul 2022 14:01:41 GMT
server: cloudflare
etag: "62c2f2c5-e1ac4"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=frdNmPkOlSeHdZ%2FEEOWK4JkZuvZfzA8Kc8ZpQmq6cwIonXAIXO9scr3asWWTQ861%2BrowHZs3V55DRQ4XHuZs3fjlljf%2BgUHS17%2BFsEtzCxvBltkL2nerU%2BAHUX2jGwjEH6sBqyb339M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 767ae8b32e15887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 slide.png
www.stb.ua/wp-content/uploads/2022/03/23/ 883 KB
885 KB 51ms
51ms Image
image/webp 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stb.ua/wp-content/uploads/2022/03/23/slide.png
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c356d958d8e772a1a565f37b5063664c51a3e72c085a2d61bbef24c0cb69e563

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1055051
cf-polished: origFmt=png, origSize=1218394
content-disposition: inline; filename="slide.webp"
content-length: 904376
cf-bgj: imgq:85,h2pri
last-modified: Wed, 23 Mar 2022 07:49:31 GMT
server: cloudflare
etag: "623ad10b-12975a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y3qMT2wF5dSu5DOeKm1tF4iL1I6Te7Pb4AHhFh8%2BfJVUxHB1%2BfavTq689I%2BmHFoozY%2FVrFFUq%2B8PmBEEtwik6CPQ8MYmUgsX9kBcWQbUxnFZ4bn187RQ0N7xA0fMTYAka4qAjDXUvE8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 767ae8b32e16887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 outstream-unit.min.js Show response
player.vertamedia.com/outstream-unit/2.11/ 215 KB
58 KB 138ms
40ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.vertamedia.com/outstream-unit/2.11/outstream-unit.min.js
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 30d26fb316d4e40b1bbc518fd6f379f2ce289db5ab3fc400bf9c5f59cee0d660

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Sat, 12 Nov 2022 01:10:31 GMT
date: Thu, 10 Nov 2022 01:10:31 GMT
content-encoding: gzip
last-modified: Fri, 11 Jun 2021 08:33:17 GMT
server: nginx
etag: W/"60c31fcd-35dc2"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 constructor-person-widget-bootstrap-front-ajax-loader.js Show response
www.stb.ua/wp-content/plugins/constructor-persons-widget-bootstrap/js/ 562 B
643 B 45ms
44ms Script
application/javascript 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stb.ua/wp-content/plugins/constructor-persons-widget-bootstrap/js/constructor-person-widget-bootstrap-front-ajax-loader.js
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a61a79b7e340c3bb31a13f92e12137f69fff10a16bc1e31b04a239e70ad826

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4388351
cf-polished: origSize=867
cf-bgj: minify
last-modified: Wed, 14 Sep 2022 10:28:51 GMT
server: cloudflare
etag: W/"6321ace3-363"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oegq6Wb%2FTLDjGqMFCssJNyrPEqXEnqE%2FZpSyj9xTkvRnehR%2Fv2qmJuGMEO%2BOPf5IdeqIo48K1fuz%2F7bfv%2FaPDc4J8FGd1tWZEjo%2Fmzsb092jOPw0V6Jc%2FSNIwKLOr%2FanRW1Oc%2FAnmvc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 767ae8b10b8a887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 constructor-front-ajax-loader.js Show response
www.stb.ua/wp-content/plugins/constructor_grid_widget_bootstrap/js/ 2 KB
866 B 47ms
42ms Script
application/javascript 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stb.ua/wp-content/plugins/constructor_grid_widget_bootstrap/js/constructor-front-ajax-loader.js
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52a2a6ba0f594e32a42dd0360abf506de58f959414560ffc0a1e552e064e68a4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13162722
cf-polished: origSize=4533
cf-bgj: minify
last-modified: Wed, 06 Apr 2022 10:44:33 GMT
server: cloudflare
etag: W/"624d6f11-11b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HHot%2BC7PHcF72kQoJ%2BpxdUZMZ%2FPqoMkPTTlwseDwAGXuu02RkH6YrvhHYQJarYTE8cKG7ysgmA8xst6WfxYDodJTlptvHvj74oELYkeo1Vpn1Si2Vilvb57cXP1qElDdQdhBhXGPkK0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 767ae8b11b9d887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 modernizr.custom.js Show response
www.stb.ua/wp-content/plugins/mistape/assets/js/ 8 KB
4 KB 49ms
44ms Script
application/javascript 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stb.ua/wp-content/plugins/mistape/assets/js/modernizr.custom.js?ver=1.3.9
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22c2df40c158cee51f81fa93f874c4bf5975dbe5dfbbac05fd4019d3de0623ca

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 740831
cf-polished: origSize=8372
cf-bgj: minify
last-modified: Mon, 31 Oct 2022 16:14:40 GMT
server: cloudflare
etag: W/"635ff470-20b4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rNtnAY9ucCL59M3e%2FkplQoMJgchRA9M3Vf1O3BTMc4hgTXOcMmTBKnZwbwAEyKMZ3dbjWtUwuarG3Un8W1Piqm5V7yYT30gx%2BCnpc6pZLma3z2eFVRsbaLD0OzgvxELsxLr2VmZ4XI0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 767ae8b11ba1887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mistape-front.js Show response
www.stb.ua/wp-content/plugins/mistape/assets/js/ 19 KB
6 KB 48ms
43ms Script
application/javascript 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stb.ua/wp-content/plugins/mistape/assets/js/mistape-front.js?ver=1667905004
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d27b659c0756b28928dbf7c441e0e4257bfed808d79d0b15f1d6edc9d86676b4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 130250
cf-polished: origSize=29707
cf-bgj: minify
last-modified: Tue, 08 Nov 2022 10:56:44 GMT
server: cloudflare
etag: W/"636a35ec-740b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aRzKG6mnjsXJcJ9ZgtNBC0kXMw%2Bl0%2BzcrTytDYrt%2F73c3b65zT6iMZdndo1Qp3mXbY9NWU08NiJN7IIY451KoHDeqhvCWZcflw9xh8obU90egIeNc%2FNkh188CKlbvhHYO83zrS%2Bog7U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 767ae8b11ba2887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 main.js Show response
www.stb.ua/wp-content/themes/STB_New/old/includes/js/ 22 KB
6 KB 50ms
45ms Script
application/javascript 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stb.ua/wp-content/themes/STB_New/old/includes/js/main.js?ver=2.7.3
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8832369100c7e33bc9a05f1d014ad28858fb325ff1d2a2bee1764ce5f84f940e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13150505
cf-polished: origSize=38861
cf-bgj: minify
last-modified: Wed, 06 Apr 2022 10:44:44 GMT
server: cloudflare
etag: W/"624d6f1c-97cd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yyfg47E93zwFxN6hkPCP3e77V8NshdlK%2B1TXsdZ6Xgkcb8Dnq0PWhcMYKLrlMRgh2Hm9tx23O21d5AazKvMQe3g6FF88yS69OQkzORR1Uqb%2BZV93wGCUG8G0SwqgzbRBwKGoKqK5GTE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 767ae8b11ba4887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 comment-reply.min.js Show response
www.stb.ua/wp-includes/js/ 3 KB
2 KB 49ms
44ms Script
application/javascript 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stb.ua/wp-includes/js/comment-reply.min.js?ver=6.0.2
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 02 Nov 2022 09:29:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 599591
etag: W/"63623867-ba5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sOA5I5zIPA47BiJWHpf3X%2FOmxu1WltuImTeFa8b%2B9ZQ6wQzvKhRoHqU0ZCSYHzH8Y7T7%2Bq5y4zNCBRnJJ%2FFvvh4%2F4v98jfB%2FCRgnqKqmm3wFvzZ%2FAFgk2vrEyy32VVym2c5H%2BftJvs4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 767ae8b11ba6887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 datepicker.min.js Show response
www.stb.ua/wp-includes/js/jquery/ui/ 36 KB
11 KB 69ms
69ms Script
application/javascript 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stb.ua/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.1
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e65f5c3b3b4c402074c19dee3d24d6bc02a8a86b19c8c992a4a6e78b254b2cd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 14 Sep 2022 10:28:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4865190
etag: W/"6321aceb-8f87"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OLrdVY%2BKUb8NAHE7g57GtkBJU4Da0HQOONVIkoMA9XMONZlzgDMHUIu%2BZZ%2Ftc3czuMVFLPTl3FdnJIcSOzUOluWYn4kE7GdH%2FvKLiRf%2BQJfR%2Fjhx1Visa7r8NvcmPB%2F9%2FWbqOEzGs9c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 767ae8b16bf3887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 what-input.min.js Show response
www.stb.ua/wp-content/themes/STB_New/assets/js/ 3 KB
2 KB 42ms
42ms Script
application/javascript 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stb.ua/wp-content/themes/STB_New/assets/js/what-input.min.js
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e24c863fadbd7f488b3fee007eda7afa435d1944acbfe8d895df73b8fa198d1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 14 Sep 2022 10:28:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4388351
etag: W/"6321ace9-c24"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sjXyUxcDt0oeGDncBpWZC9MRpLB9GCbIvTBPS%2FRS%2FvdioiBOQIcV4RmHSpk6dhpd98oTG7jVQepmbJPsMSNhW92uTP1R0uVjJdoDnRwSYVrhFATAO8kl9nrMNwUaM0NtuENizk2rl4o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 767ae8b17c1c887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 slick.min.js Show response
www.stb.ua/wp-content/themes/STB_New/assets/js/ 42 KB
11 KB 42ms
42ms Script
application/javascript 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stb.ua/wp-content/themes/STB_New/assets/js/slick.min.js
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 14 Sep 2022 10:28:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4388351
etag: W/"6321ace9-a76f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BPoxJeR0wXbTsmyuC3UevV13P927mKXv1GEFENZkikOkj%2BZbvSqyhWzAeNdkubNJW0HMHZg%2FqWRcHN2VLsfjiRWfnMlXP28p%2Bx5ZUA11nsk9CYOJ2ppwqpfLNIImtrKVgaKA8uWzXN0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 767ae8b1ecb6887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 foundation.min.js Show response
www.stb.ua/wp-content/themes/STB_New/assets/js/ 145 KB
32 KB 43ms
43ms Script
application/javascript 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stb.ua/wp-content/themes/STB_New/assets/js/foundation.min.js
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9916250aee441bea2e0f4ed6c4b17cbf8640658080e96ae67485f29f506ff559

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 14 Sep 2022 10:28:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4388351
etag: W/"6321ace9-2454f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sHlVxlbZ%2F%2FSheZyQ7iKypQKACb%2FN7XCb87Fkh8qggtk6EvqjmnSvWX56eiBGkwORe%2BGYZaAiQE%2Fjxg2iQQJxy5v%2BSbjtjXL%2FLhQDfoF4JN753DN8Mh2mq0xkp1yxbZEWmS1Gstto4Vg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 767ae8b1ecb7887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 app.js Show response
www.stb.ua/wp-content/themes/STB_New/assets/js/ 2 KB
1 KB 41ms
40ms Script
application/javascript 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stb.ua/wp-content/themes/STB_New/assets/js/app.js?ver=1.0.2
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d0b5d14b360e6f61ffa8598c1885d937c076cd813bda8b287502bd38ae94047

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11958111
cf-polished: origSize=3277
cf-bgj: minify
last-modified: Fri, 24 Jun 2022 14:52:16 GMT
server: cloudflare
etag: W/"62b5cfa0-ccd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zi9uAP%2BMW3KuvOrS5IdFufXm58%2BpRapkWRrILq6R4URUL3JyPYbTT0XPGTGzIESyYHGtIMqPeyuCIxjnaOzF6UIPfXG2ERGY%2FvdzXNFQMTIResTw28PdQiLdCsywfhWLGgtiI2ueoIw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 767ae8b23cfa887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 slick-carousel.js Show response
www.stb.ua/wp-content/themes/STB_New/assets/js/ 4 KB
1 KB 39ms
39ms Script
application/javascript 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stb.ua/wp-content/themes/STB_New/assets/js/slick-carousel.js
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd5ffb3d4240e9e78023fbe129530c51392269cdc2635962482bdbd0e09dd73c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13162070
cf-polished: origSize=6574
cf-bgj: minify
last-modified: Wed, 06 Apr 2022 10:44:44 GMT
server: cloudflare
etag: W/"624d6f1c-19ae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oQxc2uGzwN3M5gLfWMwqr5ZM40RIxQO61U%2F4jVRX0ogjN1n6Q35NmDhI4WxCVp04YCcclTp06IQJmyoRHjEVRjaB3H8NbStNacdOzGTQSWedPk9KUgH52SSxthqMqCrK1qgFhukN%2BXM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 767ae8b23cfc887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 main.js Show response
www.stb.ua/wp-content/themes/STB_New/assets/js/ 4 KB
1 KB 46ms
45ms Script
application/javascript 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stb.ua/wp-content/themes/STB_New/assets/js/main.js?ver=1.0.4
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7b4083b6d1c5cc7059067c7ab7ce0530362990233de9626274a4f7e573025d8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 701222
cf-polished: origSize=5776
cf-bgj: minify
last-modified: Tue, 01 Nov 2022 11:29:04 GMT
server: cloudflare
etag: W/"63610300-1690"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SyHlD3Jh0rzWCotSY3397OXIJURy4fe%2FqPsN8x6QC9gsDPyruqrF%2BAB1iXfH0007wwxaH3UZZcr1r8ZP1Ppw3VLLM0iviX5PfBPXda8KuJ8Xa9tyr%2F%2BNGDjbLVZ4FfSQL%2FuAI1C4LDg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 767ae8b27d3a887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 script.js Show response
www.stb.ua/wp-content/themes/STB_New/dist/js/ 79 KB
24 KB 39ms
39ms Script
application/javascript 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stb.ua/wp-content/themes/STB_New/dist/js/script.js?ver=1.0.3
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de66bece00078f3a129cebae471baa0c323cf63c5c9f1804455d57c9f111a16f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 07 Sep 2022 10:57:01 GMT
server: cloudflare
age: 5492940
etag: W/"631878fd-13b70"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KibBH3h6yehSNfUGZg6oVnLujTQ%2BVSrAHbgV9148kE60NTAG%2FjRthio0%2FssxlIsCDlSGDXEWiTzNzaBQ3kdOGnAaQKFZP9Ej29xyu4DQsErMEWsW5TyVom9QXxYtkrBzz1KBW70yXrg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 767ae8b27d3e887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 266 KB
78 KB 139ms
49ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NGNC56

Requested by

Host: www.stb.ua
URL: https://www.stb.ua/ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d3f57bf45ca84ae5bca8c00862e8a5a421412bb13a4e259f4e809a2d5bc7cdf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79323
x-xss-protection: 0
last-modified: Thu, 10 Nov 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 10 Nov 2022 01:10:31 GMT

GET
H2 200 autoUpdate.adriver.js Show response
ua-content.adriver.ru/plugins/ 5 KB
5 KB 454ms
74ms Script
application/x-javascript 23.111.96.52
UNITEDNET

General

Check archive.org

Show headers Download Go to

Full URL: https://ua-content.adriver.ru/plugins/autoUpdate.adriver.js
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/wp-content/themes/STB_New/old/includes/js/adriver.core.2.js?ver=6.0.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.96.52 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software: nginx /
Resource Hash: 141f4ece65bc087908202669708c340e43c6a45c3d3be773e0cade65cb01e910

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
last-modified: Thu, 27 Oct 2022 13:06:05 GMT
server: nginx
etag: "635a823d-1455"
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
content-length: 5205
expires: Thu, 10 Nov 2022 02:10:32 GMT

GET
H2 200 hb_266844_676.js Show response
player.adtcdn.com/prebidlink/463345/ 352 KB
105 KB 514ms
450ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtcdn.com/prebidlink/463345/hb_266844_676.js
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 674da6b076da2b6a4e683e409b4f0ac01388f5368f7dfc60d1fcac693526a83d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 26 Oct 2022 09:19:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6358fb89-581d4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Ompg0ogf209whKWjjpZup%2Bdilm9nrvuUxoPX27ppj%2FCvZK%2B5jIUjfCxZU3uU9W4u9gykxQy51NOOPkJQVpuuMuZ9eQDbEUGP5enQekja5VtKwdMM0ajzzv9TnusDDHdeyagesYaMB4%2Fygfgis8hhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=345600
cf-ray: 767ae8b1ac1b71e0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 10 Nov 2022 01:25:32 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 139ms
50ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.stb.ua
URL: https://www.stb.ua/ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ef86136d5a7c12ec0c6ea8ff97fead63047646efe6afa127aabd4a121ddb4bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27322
x-xss-protection: 0
server: sffe
etag: "1389 / 317 of 1000 / last-modified: 1668035351"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 10 Nov 2022 01:10:31 GMT

GET
H2 200 wrapper_hb_266844_676.js Show response
player.adtcdn.com/prebidlink/463345/ 2 KB
1 KB 253ms
207ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtcdn.com/prebidlink/463345/wrapper_hb_266844_676.js
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aceddab3a848e5d836b7361dbb6014c79aabfea99b6dc7413ebe3e523775bc51

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Nov 2022 12:36:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"636112ea-6c2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bbjwxrQbPOOtp0xQda%2B8mPHW23BEFXF4N157nfEH32eQViqnP1ESA1yMTpfKh%2BdU2aKL044xdbcJhBczhfMlChzWkDeSKAXCB%2BKygiLKMcRmWy4%2FzDfTL62Nxps73404aLoB81gYSnncI56buMNHGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=345600
cf-ray: 767ae8b1ac1d71e0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 10 Nov 2022 01:25:32 GMT

GET
H/1.1 200
OK pT2IkoB9CSBk Show response
cdn.onthe.io/io.js/ 56 KB
18 KB 184ms
87ms Script
text/javascript 142.93.164.210
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onthe.io/io.js/pT2IkoB9CSBk
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 142.93.164.210 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 5d3e8ef8f3c731bc2f3692f5fb883abf661853be312faf3f2a248777aa59dde1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 01:10:32 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Jul 2021 13:15:46 GMT
Server: nginx
ETag: W/"60e6fa82-e018"
Transfer-Encoding: chunked
Content-Type: text/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Fri, 11 Nov 2022 01:10:32 GMT

GET
H2 200 xgemius.js Show response
ua.hit.gemius.pl/ 59 KB
16 KB 195ms
54ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ua.hit.gemius.pl/xgemius.js
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: 86734c520bde4e65fb53c83d1bb74e41e30bee003caad015dbe5817557b2a2ee

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 11:44:35 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 15973
expires: Thu, 10 Nov 2022 13:10:32 GMT

GET
H2 200 CynthoNextSLM-Bold.woff2
www.stb.ua/wp-content/themes/STB_New/dist/fonts/ 40 KB
41 KB 156ms
156ms Font
application/octet-stream 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stb.ua/wp-content/themes/STB_New/dist/fonts/CynthoNextSLM-Bold.woff2
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37cfdfdbf588191b362c774485974ace9fe27a06b2a6bb8d4929142be502dd9a

Request headers

Referer: https://www.stb.ua/ua/
Origin: https://www.stb.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 08 Nov 2022 10:56:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "636a35f7-a1c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N349UR5nelhtRt4H4SjOohAGgZeFIpOVCOqB2K9akXA9VGShNzezWXw1eBlwo8ZRAhCUYK7Hl1eXG8Maelr3bePOsc8ddsayke5FP4tNeYoD9L7iNON2RufRgIJ4dtyYXNRcesvKgAU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 767ae8b12ba7887d-LHR
content-length: 41408

GET
H2 200 CynthoNextSLM-Regular.woff2
www.stb.ua/wp-content/themes/STB_New/dist/fonts/ 44 KB
44 KB 148ms
148ms Font
application/octet-stream 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stb.ua/wp-content/themes/STB_New/dist/fonts/CynthoNextSLM-Regular.woff2
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ce6272f979d5b798a797333aeabc05cefa0388c9af0ccaee9017ce26df868d4

Request headers

Referer: https://www.stb.ua/ua/
Origin: https://www.stb.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 08 Nov 2022 10:56:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "636a35f7-aee0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lg2d4O2CmsXABpHrrIKNLYHEcx24045rvXJhiUG53zY5VI5ciFqTVMbAh1bIIZKQzVTIGSne3uPYE6Qzoh7TAtC%2FhVn3awgE263hWepQvmmfPw0FCSfUEjxU8v6LDOUOsHRqtUxZBMU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 767ae8b12bab887d-LHR
content-length: 44768

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2437ddf45aa84303d14cc4569941c1ae58e8accca92216349c1332794015c6f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 259 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d58327a6607507aff0e1eb8143f4829bddfa2e932a565e9441d05c5e1d2eea7

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 play-icon.svg
www.stb.ua/wp-content/themes/STB_New/dist/images/icon/ 1000 B
859 B 38ms
37ms Image
image/svg+xml 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stb.ua/wp-content/themes/STB_New/dist/images/icon/play-icon.svg
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1680259752ac008cab4652269a11999deeb1254808ff9dfe2b73aa64baf29ceb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 07 Sep 2022 10:57:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5333879
etag: W/"631878fd-3e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2F4xt4LnRdt0AXRNv%2FfRAHfDupV%2FOQCwgvYm8X%2BvlXnQUxQ2EsBLUXmu4Bet%2BazcZnYLoCGwWRsHtnRcSuuEgngHFN5TPdaYfjLMAOlW6qWp7OXVLckosQXZOha2KIiBz0Lns3%2B7NiQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 767ae8b14bcb887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 thumb_4_1667610840-300x225.jpg
www.stb.ua/wp-content/uploads/sites/4/2022/11/05/ 12 KB
12 KB 44ms
44ms Image
image/webp 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stb.ua/wp-content/uploads/sites/4/2022/11/05/thumb_4_1667610840-300x225.jpg
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a18cd1ab9e68a5c743a2c326e9c7c60acd8b7c814e9f2d18807657d9af9eea7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 282801
cf-polished: qual=85, origFmt=jpeg, origSize=14252
content-disposition: inline; filename="thumb_4_1667610840-300x225.webp"
content-length: 12264
cf-bgj: imgq:85,h2pri
last-modified: Sat, 05 Nov 2022 13:55:03 GMT
server: cloudflare
etag: "63666b37-37ac"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nh%2BOYLin81XR9bz4hO6EWtISfKxJAIRuktHFbv4hprjLUSGo8cLzHGXsD0IyqseY9pDa4gtzFpiMtsiRSenQslT9iiQafFR1%2F2aYyTF52FUM2dDwXIItsHHf%2BhT0OU9EbX4YM13OvmU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 767ae8b19c5d887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 thumb_4_1667677542-300x225.jpg
www.stb.ua/wp-content/uploads/sites/760/2022/11/05/ 15 KB
15 KB 47ms
46ms Image
image/webp 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stb.ua/wp-content/uploads/sites/760/2022/11/05/thumb_4_1667677542-300x225.jpg
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d648805197f70b2456d14c63ffc03255e65753c7133c93e8d3a34e52c21c1547

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 286099
cf-polished: qual=85, origFmt=jpeg, origSize=17257
content-disposition: inline; filename="thumb_4_1667677542-300x225.webp"
content-length: 15240
cf-bgj: imgq:85,h2pri
last-modified: Sat, 05 Nov 2022 19:47:01 GMT
server: cloudflare
etag: "6366bdb5-4369"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=35u7pAo044MlWptU43dI2PmXPF%2BjO3ijuamYh7RBKGR6PVXu2WeGLRBw4J2BUDrVVeo62%2Fflj9jXIhmRIgHLBlJXW52FNqeSjQ24jYS%2FMJiq91zoSGMmcbAKgiWY4UAzDVoz%2BYe2IBw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 767ae8b19c5b887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 thumb_4_1667569566-300x225.jpg
www.stb.ua/wp-content/uploads/sites/6/2022/11/04/ 14 KB
14 KB 45ms
44ms Image
image/webp 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stb.ua/wp-content/uploads/sites/6/2022/11/04/thumb_4_1667569566-300x225.jpg
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45bbe6979ad62808c4d1e86036d1b4c739d59794beed9e4c1a08d34d2fa0403c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 370485
cf-polished: qual=85, origFmt=jpeg, origSize=15905
content-disposition: inline; filename="thumb_4_1667569566-300x225.webp"
content-length: 14010
cf-bgj: imgq:85,h2pri
last-modified: Fri, 04 Nov 2022 14:33:33 GMT
server: cloudflare
etag: "636522bd-3e21"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2FyBeolef32tSCGSYNzsACTix5VShvGN0cEUHNaKVm4uyQqXKopWnLcSdoQluYI9q8vq%2FXyHyu4SyKaxs6UPAib0lYsgCFhB6V7uf%2Bj4VMPTzGQrQNMbdf6yHJrPdft6l0xCfJ4IbqA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 767ae8b19c57887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 thumb_4_1667655257-300x225.jpg
www.stb.ua/wp-content/uploads/sites/91/2022/11/05/ 8 KB
9 KB 48ms
47ms Image
image/webp 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stb.ua/wp-content/uploads/sites/91/2022/11/05/thumb_4_1667655257-300x225.jpg
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6011f5827e798bc48f43db1976aa015d84f184b43a052669e6553e44433c1eb9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 370486
cf-polished: qual=85, origFmt=jpeg, origSize=11437
content-disposition: inline; filename="thumb_4_1667655257-300x225.webp"
content-length: 8508
cf-bgj: imgq:85,h2pri
last-modified: Sat, 05 Nov 2022 13:39:39 GMT
server: cloudflare
etag: "6366679b-2cad"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WESm%2BL%2F%2BagB%2F7hAG7JYD23eKuaW9ixwX2JBWn%2Bixv%2Fkk51lSHp7AtR%2FZLpKQ%2FXKMBQAh5T11f5znOyCImnlXwQoF%2F8cl2xf922KkVKf396z%2FC8EW1rEXUpW4chcNEHsWPSCUIOFQgQs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 767ae8b19c59887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Artem-Nazaruk-6-300x225.jpg
www.stb.ua/wp-content/uploads/sites/4/2022/11/09/ 5 KB
5 KB 47ms
47ms Image
image/webp 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stb.ua/wp-content/uploads/sites/4/2022/11/09/Artem-Nazaruk-6-300x225.jpg
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce3006eed788c7f70d96e5bd0a27dfe782fcc298506f8476d8f9a8af49ac583d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 37227
cf-polished: qual=85, origFmt=jpeg, origSize=14426
content-disposition: inline; filename="Artem-Nazaruk-6-300x225.webp"
content-length: 4924
cf-bgj: imgq:85,h2pri
last-modified: Wed, 09 Nov 2022 13:54:38 GMT
server: cloudflare
etag: "636bb11e-385a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bhgxk%2FGVF68qqW3UGvGOVnZesPj%2B4kb4KnpZIwQ06QbwYy6bGWWThR%2BGPMp9hpVvfKkW%2Bu%2FDIy8Fwg7B1PaHFKgmvF9xwO0csaFDpRP06%2FgEp3l%2BGkcFV%2BDaaCnT0GD6NyCxoEMl87c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 767ae8b19c61887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2021.11.13-msh_5-300x225.jpg
www.stb.ua/wp-content/uploads/sites/6/2022/11/09/ 13 KB
13 KB 48ms
48ms Image
image/webp 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stb.ua/wp-content/uploads/sites/6/2022/11/09/2021.11.13-msh_5-300x225.jpg
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 990e6a060e5152542f2f20c1520551cf0120ecef9131fbdd8bed5c7c3559375c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 37227
cf-polished: qual=85, origFmt=jpeg, origSize=35455
content-disposition: inline; filename="2021.webp"
content-length: 13256
cf-bgj: imgq:85,h2pri
last-modified: Wed, 09 Nov 2022 12:31:12 GMT
server: cloudflare
etag: "636b9d90-8a7f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EzE7e76isvwm5bASWfJ3R8kqtt3807OaPZ22ORkrwFiq2p0aUgfYNcemUrCokx1DsEKVBfczB3i%2BcEzQVbCHbjue%2FOoZty%2FVXP0up1KLk419EwXvLmfBOMkwhCkmu%2BZI6eVKy%2B75QtA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 767ae8b19c60887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 YEvgen-Loj-3-300x225.jpg
www.stb.ua/wp-content/uploads/sites/4/2022/11/08/ 8 KB
8 KB 42ms
41ms Image
image/webp 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stb.ua/wp-content/uploads/sites/4/2022/11/08/YEvgen-Loj-3-300x225.jpg
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91b9b6944449cdf72d9618dcbdd90cfadc80e3d18c02185e98ebcb6e25fde5d1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 107750
cf-polished: qual=85, origFmt=jpeg, origSize=21767
content-disposition: inline; filename="YEvgen-Loj-3-300x225.webp"
content-length: 7946
cf-bgj: imgq:85,h2pri
last-modified: Tue, 08 Nov 2022 17:37:52 GMT
server: cloudflare
etag: "636a93f0-5507"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=InkooKmj%2FV2G6%2FZy8yGpYZUqYEtA2DIRJ1E4NlRXdEfhYXkmCW6MfJODufGpMBdGnqjlaibpGlwTCzi3JK2LKvBeOL7wlQmXYMlrri6FZb8Wg8nOagQzzXal0MH5oaxwCK1nrScu6eU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 767ae8b34e35887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2-pl9o4yq5lkgfmth6a09j4q05c283vuaddacs56oe5c-300x225.jpg
www.stb.ua/wp-content/uploads/2022/07/19/ 3 KB
3 KB 41ms
40ms Image
image/webp 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stb.ua/wp-content/uploads/2022/07/19/2-pl9o4yq5lkgfmth6a09j4q05c283vuaddacs56oe5c-300x225.jpg
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56209303500034dfb724a152276fa919e920841d3cca512837de31af28a154e4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 574436
cf-polished: qual=85, origFmt=jpeg, origSize=4772
content-disposition: inline; filename="2-pl9o4yq5lkgfmth6a09j4q05c283vuaddacs56oe5c-300x225.webp"
content-length: 2574
cf-bgj: imgq:85,h2pri
last-modified: Tue, 19 Jul 2022 14:58:36 GMT
server: cloudflare
etag: "62d6c69c-12a4"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VctE45KiP9uBe7ja4eRqKQxwvFcFshjT1kwbeS1kQIrSngXatNabVCxuLSVzGNd5Uhr3lwVToHBNy1SbAncZMd8Gnu1w%2Bu%2FeANsbetUaBgD%2BaypehpsaPbx5kXoVsZCIIgImQuriW9A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 767ae8b35e47887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK config.json Show response
static-cdn.adtelligent.com/outstream/789/ 1022 B
899 B 333ms
103ms XHR
application/json 23.227.138.196
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://static-cdn.adtelligent.com/outstream/789/config.json?hn=www.stb.ua
Requested by: Host: player.vertamedia.com
URL: https://player.vertamedia.com/outstream-unit/2.11/outstream-unit.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.227.138.196 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: nginx /
Resource Hash: b817795deaea76c168002bc53b720c6a8c05370f66e10ddc9bc301301acda4db

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 01:10:32 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Jun 2022 14:40:56 GMT
Server: nginx
ETag: W/"62ac9278-3fe"
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.stb.ua
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK /
bootstrap.adtelligent.com/outstream/ 43 B
229 B 325ms
103ms Image
image/gif 23.227.138.196
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bootstrap.adtelligent.com/outstream/?page_url=https%3A%2F%2Fwww.stb.ua%2Fua%2F&time_to_event=1668042632064&event=outstream_bootstrap_application_loaded
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.227.138.196 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 01:10:32 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK allstream-stats
aux-log.adtelligent.com/ 43 B
277 B 321ms
99ms Image
image/gif 107.151.2.114
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aux-log.adtelligent.com/allstream-stats?e=216&st=2&tte=0&site_full_url=https%3A%2F%2Fwww.stb.ua%2Fua%2F&fif=0&foc=1&bv=2.01&format=4
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.151.2.114 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.stb.ua
Date: Thu, 10 Nov 2022 01:10:31 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK adm
aux-log.adtelligent.com/log/ 43 B
277 B 303ms
102ms Image
image/gif 107.151.2.114
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aux-log.adtelligent.com/log/adm?page_url=https%3A%2F%2Fwww.stb.ua%2Fua%2F&sid=789&tte=0&event=outstream_cfg_load_settings_attempt
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.151.2.114 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.stb.ua
Date: Thu, 10 Nov 2022 01:10:32 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

GET
DATA 200
OK truncated
/ 664 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a760b7dd182bf1a299fcba074411fdc888772bdc240404363d5c82a5b3b7eea4

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de475b96fe110fff82ca419b05b3c199dffdc545f383175083190c490e147bdd

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04019e099df85779f04fbfff5dbb3bab2e2f9ab1b4c5f69486bfe6f8789f6d7e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ee5379ebc71047fe98725dbd730e9b53070d91d74acb267b64bb4dd74a86792

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 sdk.js Show response
api-esp-eu.piano.io/public/sdk/v04/ 43 KB
14 KB 116ms
45ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp-eu.piano.io/public/sdk/v04/sdk.js?v=xxx

Requested by

Host: www.stb.ua
URL: https://www.stb.ua/ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 42726
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 17 Oct 2022 11:37:36 GMT
server: cloudflare
etag: W/"1bbec-183e5bc2400"
access-control-max-age: 36000
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: api-esp-eu.piano.io
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 767ae8b3ed77dd3f-LHR
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Fri, 10 Nov 2023 01:10:32 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 102fac1a6cbf1be9b9618bb046c7d8aa7d74ba43145b0956d5b48b00deb7b4be

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 606 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63fd7a6ad56216a6e12a61d578809fba2995bf40741d17f8eaaff5220a9c9b42

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 563 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3426628bc5dc8b85b5e08daf5796879f07c5a1c92a5c3ae8c5dd9d63d29b05d6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4fa8cc844f186aec66ba1150a7b4d2101f0f0682a47869e0025334aa44d4095

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e10a37c048bdeea121c77061f436f42742bdfdba40148a95acb551f950afba1

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 504 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c63b1e9738dddc068bc1a26a416e1c4cc095b48e5cf3af490dddb71710c728cc

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 295f7d993b81a1b9f86862835671d1c860ead5afbac19cc20e1b6d3214720517

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 pubads_impl_2022110701.js Show response
securepubads.g.doubleclick.net/gpt/ 381 KB
129 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110701.js?cb=31070788

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

480c6d422ac35b202cb5c0ff3e440a24c46c4d598282004216321f24544ae625

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 20:59:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15078
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131675
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 09:35:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 09 Nov 2023 20:59:14 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 199 B
131 B 130ms
48ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.stb.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbba9e088648664db0cd97b03d19b2b37ad877ad60838403c3f7a8ae20dd54d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106
x-xss-protection: 0
expires: Thu, 10 Nov 2022 01:10:32 GMT

GET
H2 200 pexels-rodnae-productions-6806707-300x225.jpg
www.stb.ua/wp-content/uploads/2022/11/08/ 10 KB
10 KB 47ms
45ms Image
image/webp 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stb.ua/wp-content/uploads/2022/11/08/pexels-rodnae-productions-6806707-300x225.jpg
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 911e6319820663653b10065bbc70300629e87ec7ce6e2ee96ded994d48b2ea97

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 130249
cf-polished: qual=85, origFmt=jpeg, origSize=15506
content-disposition: inline; filename="pexels-rodnae-productions-6806707-300x225.webp"
content-length: 10094
cf-bgj: imgq:85,h2pri
last-modified: Tue, 08 Nov 2022 10:24:52 GMT
server: cloudflare
etag: "636a2e74-3c92"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zZ7OPJBVUvseBS50cAekn274tSNbc79snakRJzmmiCEOKfYT9PYQ9Zqp8C3p0cpeNIbRtAzPQBe9VIqf6FZj5oZvSOQfQ9bVl%2FgNguZ0%2FIZb2HaAHUBJUazYHK34PNQyx4PiYGW%2F8CM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 767ae8b38e79887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pexels-margaret-weir-620530-300x225.jpg
www.stb.ua/wp-content/uploads/2022/11/07/ 3 KB
4 KB 39ms
38ms Image
image/webp 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stb.ua/wp-content/uploads/2022/11/07/pexels-margaret-weir-620530-300x225.jpg
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 928a76b71f65918078b6fb9ec10e72c5ec0b6d765a31d3674b22fb969fa7d6d5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 205109
cf-polished: qual=85, origFmt=jpeg, origSize=8317
content-disposition: inline; filename="pexels-margaret-weir-620530-300x225.webp"
content-length: 3418
cf-bgj: imgq:85,h2pri
last-modified: Mon, 07 Nov 2022 13:09:00 GMT
server: cloudflare
etag: "6369036c-207d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k9tcZSNM0J7YvHLq74dEUy2wQqKI9ZcuRMhhxyWdtcFoMK2ClMyc7CKxeQ%2F4KvgUZgDHMT3qF9BYRvodDf%2FIxTMA31fFElv7PFuutainAGLXToMCw8vaiYonXyAt8nLW0z8OrxfMts4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 767ae8b38e7d887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 thumb_4_1667610902-300x225.jpg
www.stb.ua/wp-content/uploads/sites/4/2022/11/05/ 16 KB
16 KB 40ms
39ms Image
image/webp 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stb.ua/wp-content/uploads/sites/4/2022/11/05/thumb_4_1667610902-300x225.jpg
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b10c7f8dd0a6179b00b1154fdbcda4e62c3bf46f7a9dd72dc078f4f5b64af17e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 282799
cf-polished: qual=85, origFmt=jpeg, origSize=17477
content-disposition: inline; filename="thumb_4_1667610902-300x225.webp"
content-length: 16350
cf-bgj: imgq:85,h2pri
last-modified: Sat, 05 Nov 2022 14:06:54 GMT
server: cloudflare
etag: "63666dfe-4445"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7BZXkhtvF0uBQwxI1OfTkbLH6Z1TpebjsnP6NL8iM7gXXS2m6AGrQfm4948WSpywL%2FYvpdeOI5trVMhEt8enSzVPqpduuLTyQm1zGPtkYmQddkabCkmghbD0QYWnlFdGQPDTighhh98%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 767ae8b39e7e887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 thumb_4_1667610907-300x225.jpg
www.stb.ua/wp-content/uploads/sites/4/2022/11/05/ 14 KB
15 KB 39ms
39ms Image
image/webp 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stb.ua/wp-content/uploads/sites/4/2022/11/05/thumb_4_1667610907-300x225.jpg
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d07535fe4e625a2a5473b4ec8c123624620cf02dcd4b94d96fae9623e5804323

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 278449
cf-polished: qual=85, origFmt=jpeg, origSize=16405
content-disposition: inline; filename="thumb_4_1667610907-300x225.webp"
content-length: 14656
cf-bgj: imgq:85,h2pri
last-modified: Sat, 05 Nov 2022 14:07:08 GMT
server: cloudflare
etag: "63666e0c-4015"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BFzfbYJH4ksYbn3rBkdnVCHvJOMAuXyCV0LR03xgAqJnUrItOtABsw7gHGi0lAMWrByIU9IklFJjhtveJqq2LfjhSyhmWFUtKRBPkaiuyP3%2Fag9dX0y8ssAHUAoLigchKJO1r2RwS1U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 767ae8b39e88887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 thumb_4_1667610911-300x225.jpg
www.stb.ua/wp-content/uploads/sites/4/2022/11/05/ 12 KB
12 KB 40ms
39ms Image
image/webp 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stb.ua/wp-content/uploads/sites/4/2022/11/05/thumb_4_1667610911-300x225.jpg
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7cfcba1181eb95f839af4897ae81678b414bc7d2b9955af8acbbd1b1e94154b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 278449
cf-polished: qual=85, origFmt=jpeg, origSize=14773
content-disposition: inline; filename="thumb_4_1667610911-300x225.webp"
content-length: 12302
cf-bgj: imgq:85,h2pri
last-modified: Sat, 05 Nov 2022 14:07:27 GMT
server: cloudflare
etag: "63666e1f-39b5"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W1O3haitiSFyeBvIvPiQYFCFy0K81KD%2FwBOBgtl0XgGUPARpgJ6ZsMasopNwK2jQri8Cx0wUnuYQlYNnXWp%2FUH5te3aLBcaWX6EqUf8BDauSKC2xjBA2DwjFqMljGp%2Br2zJIqjLYSGA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 767ae8b3debe887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 190ms
59ms XHR
text/javascript 95.216.24.148
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=42094:uniques_instantly[language:uk,page_type:default,domain:www.stb.ua,url:%2F,page:%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20NEW,url_real:%2Fua%2F,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36,device:desktop,browser_version:Chrome%2099,browser:Chrome,depth:1,user_type:new,user_id:30040aad1.2737ee1fe_1668042632150,session_id:3620dc422.8975a530c_1668042632151,cdn_version:53]&s=ab9e9cb0b19b8db3fb06915ed084facc&1668042632154
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/pT2IkoB9CSBk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.148 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.148.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Nov 2022 01:10:32 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/uniques/ 33 B
559 B 188ms
59ms Script
text/html 95.216.24.148
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/uniques/?current=10&holding=d51792b4d5f7e5523e2fa6df873e8051&hash_user=30040aad1.2737ee1fe_1668042632150&1668042632155
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/pT2IkoB9CSBk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.148 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.148.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: 166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Nov 2022 01:10:32 GMT
Server: nginx
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 33
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 188ms
59ms XHR
text/javascript 95.216.24.148
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=42094:visits_instantly[language:uk,page_type:default,domain:www.stb.ua,url:%2F,page:%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20NEW,url_real:%2Fua%2F,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36,device:desktop,browser_version:Chrome%2099,browser:Chrome,depth:1,user_type:new,user_id:30040aad1.2737ee1fe_1668042632150,session_id:3620dc422.8975a530c_1668042632151,cdn_version:53]&s=ab9e9cb0b19b8db3fb06915ed084facc&__io=30040aad1.2737ee1fe_1668042632150&1668042632157
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/pT2IkoB9CSBk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.148 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.148.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Nov 2022 01:10:32 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 189ms
59ms XHR
text/javascript 95.216.24.148
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=42094:pageviews[language:uk,page_type:default,domain:www.stb.ua,url:%2F,page:%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20NEW,url_real:%2Fua%2F,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36,device:desktop,browser_version:Chrome%2099,browser:Chrome,depth:1,user_type:new,user_id:30040aad1.2737ee1fe_1668042632150,session_id:3620dc422.8975a530c_1668042632151,cdn_version:53]&s=ab9e9cb0b19b8db3fb06915ed084facc&1668042632159
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/pT2IkoB9CSBk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.148 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.148.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Nov 2022 01:10:32 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10784707304/ 2 KB
2 KB 148ms
60ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10784707304/?random=1668042632177&cv=11&fst=1668042632177&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.stb.ua%2Fua%2F&tiba=%D0%A2%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%A1%D0%A2%D0%91.%20%D0%94%D0%B8%D0%B2%D0%B8%D1%82%D0%B8%D1%81%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B2%D1%96%D0%B4%D0%B5%D0%BE%20%D1%88%D0%BE%D1%83%20%D0%A1%D0%A2%D0%91&auid=1023507928.1668042632&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10784707304

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81f6244e1c6aca49abdb506bb5fc8c591483fcc8b7a897e94e862856b8c514e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 948
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 129ms
40ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NGNC56

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 09 Nov 2022 23:24:49 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6343
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 10 Nov 2022 01:24:49 GMT

GET
H2 200 hotjar-2348863.js Show response
static.hotjar.com/c/ 4 KB
2 KB 162ms
50ms Script
application/javascript 13.226.153.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2348863.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NGNC56

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.153.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-153-39.dus51.r.cloudfront.net

Software

Resource Hash

a85a208718a44e08d088f27a1bb8f29dbb786f54488c1c712bdb70116055a0de

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 10 Nov 2022 01:10:32 GMT
via: 1.1 5cd60f530cdafe284762767565aa2746.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
age: 45
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/4f0af544f179565b284f21564d686819
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: TxnzyENscbHbEqC4wW4xzY3rs4F6eNr6wDErfJ2vMZKJsRmJPIZ95A==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
75 KB 66ms
62ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S081QH5DQY&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10784707304

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7167018b357886a0b6208f1d254492ca825c0db53ca7126c76993b9164adb796

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76441
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 10 Nov 2022 01:10:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
75 KB 129ms
48ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q3W8G8LP36&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10784707304

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

98e053ad3e6a8e5dabd58508be431eb47dab36474171b263f915fe33b8172b6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76488
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 10 Nov 2022 01:10:32 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 133ms
40ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.stb.ua
URL: https://www.stb.ua/ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 10 Nov 2022 01:10:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27337
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: JVAmmuIajR1vya48Xf+UERC9mNRzZRSVapcNXouKsyZ/DR/w9YuTyKOsOrT+03l3AqIquZ3kUL+McP1MKSbc4g==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK segments.js Show response
d.adtelligent.com/ 16 B
436 B 124ms
28ms Script
application/javascript 2a0c:5c81:5120::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adtelligent.com/segments.js?id=81
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NGNC56
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5120::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2c6f0c2e544b26a69e4bce070d3eab8647caf5c92770e2596c14cd28e1aa3f05

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 01:10:31 GMT
Server: Adtelligent
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: https://www.stb.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Keep-Alive: timeout=7200
Content-Length: 16

GET
H/1.1

200
OK

associate-segment
segment.prod.bidr.io/
Redirect Chain

https://segment.prod.bidr.io/associate-segment?buzz_key=adtelligent&segment_key=adtelligent-4&value=
https://segment.prod.bidr.io/associate-segment?buzz_key=adtelligent&segment_key=adtelligent-4&value=&_bee_ppp=1

43 B
796 B

39ms
39ms

Image
image/gif

52.211.170.239
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://segment.prod.bidr.io/associate-segment?buzz_key=adtelligent&segment_key=adtelligent-4&value=&_bee_ppp=1

Requested by

Host: www.stb.ua
URL: https://www.stb.ua/ua/

Protocol

HTTP/1.1

Server

52.211.170.239 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-170-239.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 10 Nov 2022 01:10:32 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
content-type: image/gif
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://segment.prod.bidr.io/associate-segment?buzz_key=adtelligent&segment_key=adtelligent-4&value=&_bee_ppp=1
Date: Thu, 10 Nov 2022 01:10:32 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2 200 fpdata.js Show response
ua.hit.gemius.pl/ 275 B
389 B 54ms
53ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ua.hit.gemius.pl/fpdata.js?href=www.stb.ua
Requested by: Host: ua.hit.gemius.pl
URL: https://ua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: 4cc73b8758dc4bf93d8a55296e2f811b6b911fe0add0d097b91506d76c22f8ba

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 275
expires: Sat, 10 Dec 2022 01:10:32 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 7569 5 KB
3 KB 173ms
55ms Document
text/html 145.239.237.56
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: ua.hit.gemius.pl
URL: https://ua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 145.239.237.56 , France, ASN16276 (OVH, FR),
Reverse DNS: ip56.ip-145-239-237.eu
Software: GHC /
Resource Hash: 58b903a2891db03264f729eb5ba6ebc66e6f57f747055309b44e05d39882544e

Request headers

Referer: https://www.stb.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2714
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 01:10:32 GMT
etag: PRIVATE7520710249
expires: Sat, 10 Dec 2022 01:10:32 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H2 200 hlst11_site_220x140.png
www.stb.ua/holostyak/wp-content/uploads/sites/19/2021/07/14/ 30 KB
30 KB 39ms
39ms Image
image/webp 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stb.ua/holostyak/wp-content/uploads/sites/19/2021/07/14/hlst11_site_220x140.png
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/wp-content/themes/STB_New/dist/js/script.js?ver=1.0.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e041bb55df16e7ea6cbac9bae47a341e087174c74ce8a33e6c1e7088550f137d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 564750
cf-polished: origFmt=png, origSize=46418
content-disposition: inline; filename="hlst11_site_220x140.webp"
content-length: 30530
cf-bgj: imgq:85,h2pri
last-modified: Wed, 14 Jul 2021 13:50:35 GMT
server: cloudflare
etag: "60eeebab-b552"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=djENgmgePOAqso26aAPpeGIQ0DjQmqcH4ZxfWP%2By8EnfdrJOcUipu9wdbnCJ%2BXdQYnoagMV%2FDJq1t5%2BwHe7WQAQQ59x0scXHkfdQ9Yjxvcto3pEZsFqGALqcflDb1Cb5TqI%2BjKmjoNs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 767ae8b4cfe2887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 MC_logo.png
www.stb.ua/wp-content/uploads/2021/08/11/ 8 KB
8 KB 42ms
41ms Image
image/webp 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stb.ua/wp-content/uploads/2021/08/11/MC_logo.png
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/wp-content/themes/STB_New/dist/js/script.js?ver=1.0.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b571ad715a231d403346e7b8de0d84112683ca812865c810c5d32154e05fc71

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 627249
cf-polished: origFmt=png, origSize=21633
content-disposition: inline; filename="MC_logo.webp"
content-length: 8078
cf-bgj: imgq:85,h2pri
last-modified: Wed, 11 Aug 2021 13:56:40 GMT
server: cloudflare
etag: "6113d718-5481"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ga9gxcr6PFnn9dS4uP6OlH8ICU6%2FWhVOjC9fX2WBqeHHZwr6wvGsusjQWUhJ2xfFJe8aa7VO8uBPVefR81C85shI1vki33%2BcMQWgNHdZC7%2F5umJgruIfGoHWWCfGYWmM%2Fx0iLd1PV%2Bk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 767ae8b4dff0887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 187 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f2b1e1aa3cae59c35c012927b1d76000531e779c913473d7796be41d1e9f0ad

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 186 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e50552a2245a3fa622e703b9c6a22adaef8bcef4a33192684b88c698fa5ba9c4

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 thumb_4_1667512220-300x225.jpg
www.stb.ua/wp-content/uploads/sites/19/2022/11/04/ 9 KB
10 KB 37ms
37ms Image
image/webp 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stb.ua/wp-content/uploads/sites/19/2022/11/04/thumb_4_1667512220-300x225.jpg
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/wp-content/themes/STB_New/dist/js/script.js?ver=1.0.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ec98508fc4bfa81859dff02cc72715686f0e10a0bfcceb72d3a9f43551f95e1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 459757
cf-polished: qual=85, origFmt=jpeg, origSize=12513
content-disposition: inline; filename="thumb_4_1667512220-300x225.webp"
content-length: 9722
cf-bgj: imgq:85,h2pri
last-modified: Fri, 04 Nov 2022 01:20:41 GMT
server: cloudflare
etag: "636468e9-30e1"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q32q6CgyR32C1C8B2tdYGUWREqHuVyaJW%2FeKN4WEUcB%2FFhEScwNoWvjFIeJNTFmerkUmaTDacW47kXqNqQBSXppy49w%2Bp%2FfIzCE4nP9IfT%2FFGKav174DQsKdM7bpKeRS0SNFRPNMXq8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 767ae8b3dec2887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 thumb_4_1667130761-300x225.jpg
www.stb.ua/wp-content/uploads/sites/4/2022/10/30/ 18 KB
18 KB 39ms
38ms Image
image/jpeg 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stb.ua/wp-content/uploads/sites/4/2022/10/30/thumb_4_1667130761-300x225.jpg
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/wp-content/themes/STB_New/dist/js/script.js?ver=1.0.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ffe1c53630f81ba753f1b06dc67b6bceec276d7c6830d6644d488379aa72ca1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 885760
cf-polished: degrade=85, origSize=19111, status=webp_bigger
content-length: 18493
cf-bgj: imgq:85,h2pri
last-modified: Sun, 30 Oct 2022 11:52:58 GMT
server: cloudflare
etag: "635e659a-4aa7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JmTEtOtc8zq9RLnvE3M6LqwbdY1oXi0TcK1QjP1fRb0xu3mSgXC6jeVPE2%2FtL9yUmRlWNgGeaL%2B5NpZ3xnp8u8Ugi8DVU%2BwvrNURW9MYlFYr9nzpJ6dQ5ImnTNBUh%2FTpIkwA6IiGxdw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 767ae8b4f812887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 thumb_4_1667145774-300x225.jpg
www.stb.ua/wp-content/uploads/sites/8/2022/10/30/ 8 KB
9 KB 44ms
44ms Image
image/webp 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stb.ua/wp-content/uploads/sites/8/2022/10/30/thumb_4_1667145774-300x225.jpg
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/wp-content/themes/STB_New/dist/js/script.js?ver=1.0.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c090eaf120afb069e7200432e2dabebf7fb9e3a6bf8fea3a8a39caefc1d8f7d7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 487467
cf-polished: qual=85, origFmt=jpeg, origSize=11649
content-disposition: inline; filename="thumb_4_1667145774-300x225.webp"
content-length: 8674
cf-bgj: imgq:85,h2pri
last-modified: Sun, 30 Oct 2022 16:03:09 GMT
server: cloudflare
etag: "635ea03d-2d81"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MTFgpQQwyqJJrX7R0PO1jd9woDMLfGanZKFoWb6bfw14daOPPG4xQqC3rSrxnjnUQGze8I2W2H8wjwK0h0h7c8oPOIFOlAe45GbDHMTYmd%2Bv4KTSr%2F%2BZFh2HTdaGNAexsTyUc2segus%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 767ae8b4f813887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 thumb_4_1667046097-300x225.jpg
www.stb.ua/wp-content/uploads/sites/6/2022/10/29/ 14 KB
14 KB 40ms
40ms Image
image/webp 2606:4700:20::681a:91b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stb.ua/wp-content/uploads/sites/6/2022/10/29/thumb_4_1667046097-300x225.jpg
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/wp-content/themes/STB_New/dist/js/script.js?ver=1.0.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e49eda70796659f5244e19547eda5d360bb1d19e8aaa81b84a482388fde271a0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 975459
cf-polished: qual=85, origFmt=jpeg, origSize=16176
content-disposition: inline; filename="thumb_4_1667046097-300x225.webp"
content-length: 14084
cf-bgj: imgq:85,h2pri
last-modified: Sat, 29 Oct 2022 12:21:57 GMT
server: cloudflare
etag: "635d1ae5-3f30"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3xkq%2F63zBzk74mMVLJIzn73Qteza1lJLAPxk%2Ftq4dDMBP%2FEa5193NrwtbcjRxfH3TDkKA8plxSTUsUoQrO4jhp4gu0lxzZgmNkQfhnz8kgMNLrvmIOLWfQ3dYi%2Ba2rf%2BEEAfXgHO5oI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 767ae8b4f818887d-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 hbw_master_266844_676.js Show response
player.adtelligent.com/prebidlink/19306/ 119 KB
31 KB 144ms
74ms Script
application/javascript 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/19306/hbw_master_266844_676.js
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/463345/wrapper_hb_266844_676.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 6588f9025ab62b3839637a993f2da2c810f4cbb35b5a01a5273baafa60d603c6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Sat, 12 Nov 2022 01:10:32 GMT
date: Thu, 10 Nov 2022 01:10:32 GMT
content-encoding: gzip
last-modified: Tue, 01 Nov 2022 12:36:58 GMT
server: nginx
etag: W/"636112ea-1db36"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
x-proxy-cache: HIT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
335 B 110ms
40ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-S081QH5DQY&gtm=2oeb70&_p=1444259604&cid=456295650.1668042632&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1668042632&sct=1&seg=0&dl=https%3A%2F%2Fwww.stb.ua%2Fua%2F&dt=%D0%A2%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%A1%D0%A2%D0%91.%20%D0%94%D0%B8%D0%B2%D0%B8%D1%82%D0%B8%D1%81%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B2%D1%96%D0%B4%D0%B5%D0%BE%20%D1%88%D0%BE%D1%83%20%D0%A1%D0%A2%D0%91&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S081QH5DQY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.stb.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
s.adtelligent.com/ 907 B
857 B 141ms
31ms XHR
text/xml 2a0c:5c81:5139::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/?aid=40298&sid=789&player_width=640&player_height=360&format=outstream&site_id=STB_Outstream&content_page_url=https%3A%2F%2Fwww.stb.ua%2Fua%2F&cb=1668042632435
Requested by: Host: player.vertamedia.com
URL: https://player.vertamedia.com/outstream-unit/2.11/outstream-unit.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: bd7ffc44623e234f17f71c59e0aec33142139235b8525aa8e96be6a81791184f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 01:10:31 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: text/xml; charset=UTF-8
Access-Control-Allow-Origin: https://www.stb.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 560

GET
H/1.1 200
OK adm
aux-log.adtelligent.com/log/ 43 B
277 B 99ms
99ms Image
image/gif 107.151.2.114
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aux-log.adtelligent.com/log/adm?page_url=https%3A%2F%2Fwww.stb.ua%2Fua%2F&sid=789&tte=349&info=%7B%22status%22%3A200%2C%22msg%22%3A%22success%22%7D&event=outstream_cfg_load_settings_success
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.151.2.114 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.stb.ua
Date: Thu, 10 Nov 2022 01:10:31 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK /
bootstrap.adtelligent.com/outstream/ 43 B
229 B 106ms
106ms Image
image/gif 23.227.138.196
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bootstrap.adtelligent.com/outstream/?page_url=https%3A%2F%2Fwww.stb.ua%2Fua%2F&sid=789&time_to_event=1668042632435&event=outstream_bootstrap_application_instance_created
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.227.138.196 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 01:10:32 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK adm
aux-log.adtelligent.com/log/ 43 B
277 B 144ms
102ms Image
image/gif 107.151.2.114
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aux-log.adtelligent.com/log/adm?page_url=https%3A%2F%2Fwww.stb.ua%2Fua%2F&sid=789&tte=0&event=outstream_cfg_load_vast_config_attempt
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.151.2.114 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.stb.ua
Date: Thu, 10 Nov 2022 01:10:32 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

GET
H3 200 21 Show response
api-esp-eu.piano.io/publisher/fusion/lucid/data/ 2 KB
1 KB 104ms
73ms XHR
application/json 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp-eu.piano.io/publisher/fusion/lucid/data/21?email=&visitor=&stored_visitor=&pnespid=

Requested by

Host: www.stb.ua
URL: https://www.stb.ua/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b96ce677505304fada4c1a48a216635f50dc3c6cf52a64ea8c6be33b5578f21

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.stb.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
x-cache-status: BYPASS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"7c8-7n5RDzfRCR79OP0Uu3ZXIOet+cw"
access-control-max-age: 36000
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://www.stb.ua
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 767ae8b59b5e7689-LHR
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

OPTIONS
H3 200 21
api-esp-eu.piano.io/publisher/fusion/lucid/data/ Frame 0
0 90ms
58ms Preflight 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp-eu.piano.io/publisher/fusion/lucid/data/21?email=&visitor=&stored_visitor=&pnespid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.stb.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://www.stb.ua
access-control-max-age: 36000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 767ae8b50ad57792-LHR
date: Thu, 10 Nov 2022 01:10:32 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains

POST
H2 204 collect
region1.analytics.google.com/g/ 0
344 B 115ms
39ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-Q3W8G8LP36&gtm=2oeb70&_p=1444259604&_gaz=1&cid=456295650.1668042632&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1668042632&sct=1&seg=0&dl=https%3A%2F%2Fwww.stb.ua%2Fua%2F&dt=%D0%A2%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%A1%D0%A2%D0%91.%20%D0%94%D0%B8%D0%B2%D0%B8%D1%82%D0%B8%D1%81%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B2%D1%96%D0%B4%D0%B5%D0%BE%20%D1%88%D0%BE%D1%83%20%D0%A1%D0%A2%D0%91&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q3W8G8LP36&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.stb.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 112ms
37ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Q3W8G8LP36&cid=456295650.1668042632&gtm=2oeb70&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q3W8G8LP36&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.stb.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
107 B 147ms
58ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q3W8G8LP36&cid=456295650.1668042632&gtm=2oeb70&aip=1&z=1214163237

Requested by

Host: www.stb.ua
URL: https://www.stb.ua/ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
436 B 92ms
35ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-4596660-17&cid=456295650.1668042632&jid=1844467815&gjid=925163116&_gid=1718657336.1668042633&_u=YCDAgAABAAAAAE~&z=2049851201

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.stb.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 10 Nov 2022 01:10:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.stb.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 3 B
458 B 148ms
48ms XHR
application/json 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.stb.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.stb.ua
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23
x-xss-protection: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 123ms
40ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1444259604&t=pageview&_s=1&dl=https%3A%2F%2Fwww.stb.ua%2Fua%2F&ul=en-us&de=UTF-8&dt=%D0%A2%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%A1%D0%A2%D0%91.%20%D0%94%D0%B8%D0%B2%D0%B8%D1%82%D0%B8%D1%81%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B2%D1%96%D0%B4%D0%B5%D0%BE%20%D1%88%D0%BE%D1%83%20%D0%A1%D0%A2%D0%91&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgAAB~&jid=1844467815&gjid=925163116&cid=456295650.1668042632&tid=UA-4596660-17&_gid=1718657336.1668042633&gtm=2wgb70NGNC56&z=363792696

Requested by

Host: www.stb.ua
URL: https://www.stb.ua/ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 02:42:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 80881
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rexdot.js Show response
ua.hit.gemius.pl/__/_1668042632531/
Redirect Chain

https://ua.hit.gemius.pl/_1668042632531/rexdot.js?l=100&sendf=8&id=zUo6tmLlE4obxevJajbfI_VF31ldd8cn5AHubyWvRSX.F7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.s...
https://ua.hit.gemius.pl/__/_1668042632531/rexdot.js?l=100&sendf=8&id=zUo6tmLlE4obxevJajbfI_VF31ldd8cn5AHubyWvRSX.F7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fww...

169 B
424 B

130ms
129ms

Script
application/x-javascript

146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ua.hit.gemius.pl/__/_1668042632531/rexdot.js?l=100&sendf=8&id=zUo6tmLlE4obxevJajbfI_VF31ldd8cn5AHubyWvRSX.F7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.stb.ua%2Fua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=dZR7wQ9KPxqQ75Ftx7HTxMtLIxNeCXw7VWS8nyckl_D.q7baTgK_joJRWH_ufxOjvoYqkCrW0Z_hl2aiy.Ohf1Ys1_y2/nMajvzdKJA3PM/&ltime=301&fpdata=BSOAQt8yV_St_LKVWI8FReH2ysDw2vHZJMQs5ZM501P.B7&inner=_ver%3D330%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap=
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: 5ce4abf25d3930f46d0dac1b6b34c14777d59a5918d1e902ce6e61c8f8b12481

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:32 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 169
expires: Wed, 09 Nov 2022 01:10:32 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:32 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1668042632531/rexdot.js?l=100&sendf=8&id=zUo6tmLlE4obxevJajbfI_VF31ldd8cn5AHubyWvRSX.F7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.stb.ua%2Fua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=dZR7wQ9KPxqQ75Ftx7HTxMtLIxNeCXw7VWS8nyckl_D.q7baTgK_joJRWH_ufxOjvoYqkCrW0Z_hl2aiy.Ohf1Ys1_y2/nMajvzdKJA3PM/&ltime=301&fpdata=BSOAQt8yV_St_LKVWI8FReH2ysDw2vHZJMQs5ZM501P.B7&inner=_ver%3D330%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Wed, 09 Nov 2022 01:10:32 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10784707304/ 42 B
548 B 180ms
86ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10784707304/?random=1668042632177&cv=11&fst=1668042000000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.stb.ua%2Fua%2F&tiba=%D0%A2%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%A1%D0%A2%D0%91.%20%D0%94%D0%B8%D0%B2%D0%B8%D1%82%D0%B8%D1%81%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B2%D1%96%D0%B4%D0%B5%D0%BE%20%D1%88%D0%BE%D1%83%20%D0%A1%D0%A2%D0%91&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=656294359&rmt_tld=0&ipr=y

Requested by

Host: www.stb.ua
URL: https://www.stb.ua/ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.co.uk/pagead/1p-user-list/10784707304/ 42 B
548 B 59ms
57ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/10784707304/?random=1668042632177&cv=11&fst=1668042000000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.stb.ua%2Fua%2F&tiba=%D0%A2%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%A1%D0%A2%D0%91.%20%D0%94%D0%B8%D0%B2%D0%B8%D1%82%D0%B8%D1%81%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B2%D1%96%D0%B4%D0%B5%D0%BE%20%D1%88%D0%BE%D1%83%20%D0%A1%D0%A2%D0%91&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=656294359&rmt_tld=1&ipr=y

Requested by

Host: www.stb.ua
URL: https://www.stb.ua/ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.43d9c9e9a68c20171706.js Show response
script.hotjar.com/ 262 KB
67 KB 136ms
50ms Script
application/javascript 52.222.236.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.43d9c9e9a68c20171706.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2348863.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-63.fra56.r.cloudfront.net

Software

Resource Hash

2a6255d829bd2e8984ae17d53199d07ccc0145563003b137e142bf2ae4cf52ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 14:04:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 a823be133adad65df6d3bf471a742792.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 39986
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68456
last-modified: Wed, 09 Nov 2022 14:03:22 GMT
etag: "8a1472d473ab4df654d63dc6d6ac6d1e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: UUYsw4WbmtRMZgwXfJwA0XV5bPtLiJ6bCaGxbnfuKAUT-c47-F_w6Q==

GET
H3 200 1402419916551481 Show response
connect.facebook.net/signals/config/ 289 KB
83 KB 82ms
40ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1402419916551481?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

76275b112dc76c9baffa0d9cac26d91c146609a318923664f4c7f6a2858eeb8c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 10 Nov 2022 01:10:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 85141
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: qcnoKoPNH2YdMWj/ItlCv4XNZjdVHTvQxtMoQu6OF9icsF+hvotGEpvf5spsbL98z4ueVVAtPQAazE+rWPviTA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 jsvpaid.js Show response
static.adtelligent.com/static/ Frame F4CC 163 KB
44 KB 187ms
75ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adtelligent.com/static/jsvpaid.js?cb=21092153&vast_domain=https%3A%2F%2Fwww.stb.ua%2Fua%2F
Requested by: Host: player.vertamedia.com
URL: https://player.vertamedia.com/outstream-unit/2.11/outstream-unit.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9852b0957e2d0919164ef70d15ad02c2285f34cc638e4cba5e8e8971f8daf540

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Sat, 12 Nov 2022 01:10:32 GMT
date: Thu, 10 Nov 2022 01:10:32 GMT
content-encoding: gzip
last-modified: Wed, 21 Sep 2022 18:53:46 GMT
server: nginx
etag: "632b5dba-b009"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 45065
x-proxy-cache: HIT

GET
H/1.1 200
OK adm
aux-log.adtelligent.com/log/ 43 B
277 B 100ms
99ms Image
image/gif 107.151.2.114
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aux-log.adtelligent.com/log/adm?page_url=https%3A%2F%2Fwww.stb.ua%2Fua%2F&sid=789&tte=159&info=%7B%22status%22%3A200%2C%22msg%22%3A%22success%22%7D&event=outstream_cfg_load_vast_config_success
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.151.2.114 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.stb.ua
Date: Thu, 10 Nov 2022 01:10:32 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 box-c6ca1c87e308a39aabb76b56ba54398b.html Show response
vars.hotjar.com/ Frame 9F59 2 KB
1 KB 149ms
41ms Document
text/html 18.66.112.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-c6ca1c87e308a39aabb76b56ba54398b.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2348863.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-107.fra56.r.cloudfront.net

Software

Resource Hash

a0084043f26a51ea743463b4a653e4850cbaae0868832e4471a199f753fc6b27

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.stb.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 478106
cache-control: max-age=31536000
content-encoding: br
content-length: 1035
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 12:22:06 GMT
etag: "b6d25d1350d6a014d80689f389e76f97"
last-modified: Fri, 04 Nov 2022 12:21:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-id: IONMqgXi9nNGNF8durxZmPfaXX8JpHGJ_gxXH4miYqlvh0Ox0RfQgg==
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/279944/ 2 KB
1 KB 118ms
33ms XHR
application/json 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/279944/config.json?cb=https%3A%2F%2Fwww.stb.ua%2Fua%2F
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/463345/hb_266844_676.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 8033f8c3eb76868a0c94f71d65b0f2b4d58db51eff7a36e0497f0f450c6a9632

Request headers

Referer: https://www.stb.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

expires: Sat, 12 Nov 2022 01:10:32 GMT
date: Thu, 10 Nov 2022 01:10:32 GMT
content-encoding: gzip
last-modified: Wed, 09 Nov 2022 12:01:50 GMT
server: nginx
etag: W/"636b96ae-8f7"
content-type: application/json
access-control-allow-origin: https://www.stb.ua
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2

200

apstag.js Show response
d3div1mtym39ic.cloudfront.net/aax2/
Redirect Chain

https://c.amazon-adsystem.com/aax2/apstag.js
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js

178 KB
44 KB

143ms
51ms

Script
application/javascript

2600:9000:206f:9e00:11:1ed0:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: H2
Server: 2600:9000:206f:9e00:11:1ed0:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd8b521307332fcb0a59ff2cbfe324322d6f4108b24363b6c8d26a0ec8be50da

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:22:07 GMT
content-encoding: gzip
via: 1.1 b3dc72c60418e8887de31f772538f118.cloudfront.net (CloudFront)
last-modified: Wed, 09 Nov 2022 20:51:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 2906
x-amz-server-side-encryption: AES256
etag: W/"e675a6dfe90787fca79a6c96fd29c2d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: 02BNgTif2520d80-hUFepcoTQ3mQ_Z4bZYEnVSdtj-KQ5cHhsIRFCA==

Redirect headers

date: Wed, 09 Nov 2022 22:21:16 GMT
via: 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront), 1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 10156
x-cache: Hit from cloudfront
content-type: text/html
location: https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
content-length: 167
x-amz-cf-id: Qn_QlFttI6dYYBNS6US7c4xV57VFqhYMwzGGlxPJU6at3Wvlg2RPVA==

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/geo/ 151 B
417 B 101ms
28ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19306/hbw_master_266844_676.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: f7d848e954293a192fae29cbbbdf604433ec3e0486c65254218225b883948a69

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 01:10:32 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://www.stb.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 151

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ 43 B
301 B 101ms
29ms XHR
image/gif 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=266844&site_id=676&pbjsv=v6.25.1-b&full_page_url=https%3A%2F%2Fwww.stb.ua%2Fua%2F&adid=adikkz.0c&features=81952&vpbv=N094&lifecycle_tte=1510
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19306/hbw_master_266844_676.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 01:10:32 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.stb.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 136ms
49ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=www.stb.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110701.js?cb=31070788

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 158ms
50ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.stb.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110701.js?cb=31070788

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
639 B 84ms
83ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2717032052517801&correlator=2726879603230243&eid=31070788%2C31070233%2C31069563&output=ldjh&gdfp_req=1&vrg=2022110701&ptt=17&impl=fifs&iu_parts=58302844%2CSLDS_STB_Interstitials&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=1188368766&didk=15532985&sfv=1-0-39&ists=1&fas=8&eri=1&cust_params=SLM%3DSLM%26stb.ua46741%3D43e92c12d62d1709b11d197b8fbdbb61%26www_stb_ua%3Dwww.stb.ua%26url%3D43e92c12d62d1709b11d197b8fbdbb61%26type_page_stb%3Dnon_video&sc=1&cookie_enabled=1&abxe=1&dt=1668042632668&lmt=1668042632&dlt=1668042631693&idt=668&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.stb.ua%2Fua%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=456295650.1668042632&ga_sid=1668042633&ga_hid=1444259604&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110701.js?cb=31070788

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d03a53eee134de9274bef3133ff3eb0dd0f4117ef576dc15987d8875612cb696

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 608
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.stb.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
13 KB 95ms
94ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2717032052517801&correlator=3833144293250407&eid=31070788%2C31070233%2C31069563&output=ldjh&gdfp_req=1&vrg=2022110701&ptt=17&impl=fifs&iu_parts=58302844%2CSLDS_STB_background&enc_prev_ius=%2F0%2F1&prev_iu_szs=2000x1300&ifi=2&adks=2919315043&didk=2056043092&sfv=1-0-39&prev_scp=excl_cat%3DPREPOST&eri=1&cust_params=SLM%3DSLM%26stb.ua46741%3D43e92c12d62d1709b11d197b8fbdbb61%26www_stb_ua%3Dwww.stb.ua%26url%3D43e92c12d62d1709b11d197b8fbdbb61%26type_page_stb%3Dnon_video&sc=1&cookie_enabled=1&abxe=1&dt=1668042632673&lmt=1668042632&dlt=1668042631693&idt=668&adxs=-200&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.stb.ua%2Fua%2F&frm=20&vis=1&psz=1600x1200&msz=2000x-1&fws=512&ohw=0&ga_vid=456295650.1668042632&ga_sid=1668042633&ga_hid=1444259604&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110701.js?cb=31070788

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7c0b83abf36888a3fb856a3c1789871d38206fd07165b628d6ed01ba1b88681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12784
x-xss-protection: 0
google-lineitem-id: 5989857488
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138388702514
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.stb.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 3934 6 KB
3 KB 153ms
51ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110701.js?cb=31070788

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.stb.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 2988
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 01:10:32 GMT
expires: Fri, 10 Nov 2023 01:10:32 GMT
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2022110701.js Show response
securepubads.g.doubleclick.net/gpt/ 37 KB
14 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022110701.js?cb=31070788

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110701.js?cb=31070788

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72ee86c2d51bda0926be00bf9c225c4327b49495ba502bc10b051c8eb09031bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 11:41:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 221352
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13861
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 09:35:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 07 Nov 2023 11:41:20 GMT

OPTIONS
H3 200 35
api-esp-eu.piano.io/tracker/lucid/visit/ Frame 0
0 63ms
63ms Preflight 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp-eu.piano.io/tracker/lucid/visit/35?story_url=https%3A%2F%2Fwww.stb.ua%2Fua%2F&visitor=ys18nm7ipfo9oun3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.stb.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://www.stb.ua
access-control-max-age: 36000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 767ae8b65c387792-LHR
date: Thu, 10 Nov 2022 01:10:32 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains

POST
H3 200 35 Show response
api-esp-eu.piano.io/tracker/lucid/visit/ 65 B
540 B 92ms
92ms XHR
application/json 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp-eu.piano.io/tracker/lucid/visit/35?story_url=https%3A%2F%2Fwww.stb.ua%2Fua%2F&visitor=ys18nm7ipfo9oun3

Requested by

Host: www.stb.ua
URL: https://www.stb.ua/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7444ac806038f9532f7e8413411ca5c9966dd7b9d2b4832d160a47bc77b0e1cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.stb.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"41-CftKoCrEnd3ym0nsP/i89jRK3ew"
access-control-max-age: 36000
vary: X-HTTP-Method-Override
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://www.stb.ua
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 767ae8b6bc297689-LHR
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

GET
H3 200 state-machine.min.js Show response
api-esp-eu.piano.io/public/sdk/vx/lib/state-machine/ 4 KB
2 KB 40ms
40ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp-eu.piano.io/public/sdk/vx/lib/state-machine/state-machine.min.js?v=vu.1.99.7-e94fd99&p=35

Requested by

Host: api-esp-eu.piano.io
URL: https://api-esp-eu.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22397b41dbe5333180c07d20dbc2d3dac3742e1e1cd2cbeb9fc3126d9a249b51

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 41964
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 04 Nov 2022 18:45:39 GMT
server: cloudflare
etag: W/"f2a-18443f68038"
access-control-max-age: 36000
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: api-esp-eu.piano.io
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 767ae8b65bd97689-LHR
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Fri, 10 Nov 2023 01:10:32 GMT

GET
H3 200 displayer.js Show response
api-esp-eu.piano.io/public/sdk/vx/widgets/base/ 16 KB
5 KB 41ms
41ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp-eu.piano.io/public/sdk/vx/widgets/base/displayer.js?v=vu.1.99.7-e94fd99&p=35

Requested by

Host: api-esp-eu.piano.io
URL: https://api-esp-eu.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b3f47c88cda76867aaf6d622b230307763d73eb759601b447b2c4deb912904f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 41964
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 04 Nov 2022 18:45:39 GMT
server: cloudflare
etag: W/"8abb-18443f68038"
access-control-max-age: 36000
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: api-esp-eu.piano.io
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 767ae8b65bda7689-LHR
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Fri, 10 Nov 2023 01:10:32 GMT

GET
H3 200 displayer.js Show response
api-esp-eu.piano.io/public/sdk/vx/widgets/popup/ 2 KB
1 KB 42ms
42ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp-eu.piano.io/public/sdk/vx/widgets/popup/displayer.js?v=vu.1.99.7-e94fd99&p=35

Requested by

Host: api-esp-eu.piano.io
URL: https://api-esp-eu.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3124648e565e7e8061362135ae2180f9911723aff9b5669df9d068501219ab14

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 41964
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 04 Nov 2022 18:45:39 GMT
server: cloudflare
etag: W/"1634-18443f68038"
access-control-max-age: 36000
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: api-esp-eu.piano.io
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 767ae8b65bdc7689-LHR
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Fri, 10 Nov 2023 01:10:32 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 47ms
47ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1444259604&t=pageview&_s=1&dl=https%3A%2F%2Fwww.stb.ua%2Fua%2F&ul=en-us&de=UTF-8&dt=%D0%A2%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%A1%D0%A2%D0%91.%20%D0%94%D0%B8%D0%B2%D0%B8%D1%82%D0%B8%D1%81%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B2%D1%96%D0%B4%D0%B5%D0%BE%20%D1%88%D0%BE%D1%83%20%D0%A1%D0%A2%D0%91&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAAEABAAQCAGAAI~&jid=1579232469&gjid=519897431&cid=456295650.1668042632&tid=UA-4596660-4&_gid=1718657336.1668042633&_r=1&gtm=2wgb70NGNC56&z=1351710768

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.stb.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.stb.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 107ms
35ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-4596660-19&cid=456295650.1668042632&jid=2094180422&gjid=854293875&_gid=1718657336.1668042633&_u=YCDAgEABAAQCAGAAI~&z=1560734502

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.stb.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 10 Nov 2022 01:10:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.stb.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 53ms
52ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1444259604&t=pageview&_s=1&dl=https%3A%2F%2Fwww.stb.ua%2Fua%2F&ul=en-us&de=UTF-8&dt=%D0%A2%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%A1%D0%A2%D0%91.%20%D0%94%D0%B8%D0%B2%D0%B8%D1%82%D0%B8%D1%81%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B2%D1%96%D0%B4%D0%B5%D0%BE%20%D1%88%D0%BE%D1%83%20%D0%A1%D0%A2%D0%91&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAQCAGAAI~&jid=2094180422&gjid=854293875&cid=456295650.1668042632&tid=UA-4596660-19&_gid=1718657336.1668042633&gtm=2wgb70NGNC56&cd1=inactive&z=54867320

Requested by

Host: www.stb.ua
URL: https://www.stb.ua/ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 02:42:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 80881
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 53ms
53ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1444259604&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.stb.ua%2Fua%2F&ul=en-us&de=UTF-8&dt=%D0%A2%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%A1%D0%A2%D0%91.%20%D0%94%D0%B8%D0%B2%D0%B8%D1%82%D0%B8%D1%81%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B2%D1%96%D0%B4%D0%B5%D0%BE%20%D1%88%D0%BE%D1%83%20%D0%A1%D0%A2%D0%91&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=adBlocker&ea=inactive&el=%2Fua%2F&_u=YCDAAEABAAQCAGAAI~&jid=&gjid=&cid=456295650.1668042632&tid=UA-4596660-4&_gid=1718657336.1668042633&gtm=2wgb70NGNC56&cd4=inactive&z=1324478427

Requested by

Host: www.stb.ua
URL: https://www.stb.ua/ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 02:42:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 80881
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 54ms
54ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1444259604&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.stb.ua%2Fua%2F&ul=en-us&de=UTF-8&dt=%D0%A2%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%A1%D0%A2%D0%91.%20%D0%94%D0%B8%D0%B2%D0%B8%D1%82%D0%B8%D1%81%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B2%D1%96%D0%B4%D0%B5%D0%BE%20%D1%88%D0%BE%D1%83%20%D0%A1%D0%A2%D0%91&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=Percentage&el=Baseline&ev=1&_u=YCDAAEABAAQCAGAAI~&jid=&gjid=&cid=456295650.1668042632&tid=UA-4596660-4&_gid=1718657336.1668042633&gtm=2wgb70NGNC56&cm1=0&cm2=0&cm3=0&cm4=0&z=2130693799

Requested by

Host: www.stb.ua
URL: https://www.stb.ua/ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 02:42:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 80881
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 71ms
71ms XHR
text/javascript 95.216.24.148
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=42093:uniques_holding&s=ab9e9cb0b19b8db3fb06915ed084facc&__io=30040aad1.2737ee1fe_1668042632150&1668042632701
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/pT2IkoB9CSBk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.148 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.148.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Nov 2022 01:10:32 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 92ms
36ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-81117537-46&cid=456295650.1668042632&jid=896934907&gjid=1428311531&_gid=1718657336.1668042633&_u=ACCAgEABCAAAAEAAI~&z=839634596

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.stb.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 10 Nov 2022 01:10:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.stb.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 48ms
47ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1444259604&t=pageview&_s=1&dl=https%3A%2F%2Fwww.stb.ua%2Fua%2F&ul=en-us&de=UTF-8&dt=%D0%A2%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%A1%D0%A2%D0%91.%20%D0%94%D0%B8%D0%B2%D0%B8%D1%82%D0%B8%D1%81%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B2%D1%96%D0%B4%D0%B5%D0%BE%20%D1%88%D0%BE%D1%83%20%D0%A1%D0%A2%D0%91&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=ACCAgEABCAAAAAAAI~&jid=896934907&gjid=1428311531&cid=456295650.1668042632&tid=UA-81117537-46&_gid=1718657336.1668042633&z=509455412

Requested by

Host: www.stb.ua
URL: https://www.stb.ua/ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Nov 2022 02:42:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 80881
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 848750975747463 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 41ms
40ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/848750975747463?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c3b40212eaba789e079fba2196228d96494e205478aae8a95334c8ea30c2936c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 10 Nov 2022 01:10:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86066
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ULxWV/a3zs8T5CrJ/AB3f+rfhETM4mXziHEx9VmiGa2EK0xTK+8c+yQBKMdiD3fmInOh9UQ9hUL0Y/BN9+Oz1g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 122ms
41ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1402419916551481&ev=PageView&dl=https%3A%2F%2Fwww.stb.ua%2Fua%2F&rl=&if=false&ts=1668042632737&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&it=1668042632547&coo=false&rqm=GET

Requested by

Host: www.stb.ua
URL: https://www.stb.ua/ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 10 Nov 2022 01:10:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
28 B 55ms
35ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-4596660-4&cid=456295650.1668042632&jid=1579232469&gjid=519897431&_gid=1718657336.1668042633&_u=YCDAAEABAAQCAGAAI~&z=686057680

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.stb.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 10 Nov 2022 01:10:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.stb.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 52 Show response
api-esp-eu.piano.io/publisher/unattended/ Frame 2E5A 128 KB
41 KB 61ms
60ms Document
text/html 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp-eu.piano.io/publisher/unattended/52?wv=122&v=vu.1.99.7-e94fd99

Requested by

Host: www.stb.ua
URL: https://www.stb.ua/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d52216c90ca53833f8edc70ebf990116622809278d31b44b656769bce669f3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.stb.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: api-esp-eu.piano.io
access-control-max-age: 36000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=31536000 public
cf-cache-status: DYNAMIC
cf-ray: 767ae8b6cc2c7689-LHR
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 10 Nov 2022 01:10:32 GMT
etag: W/"1fea5-B6Sz7Lp+nupVm666LsSDsYWtWXc"
expires: Fri, 10 Nov 2023 01:10:32 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains
vary: Accept-Encoding
x-cache-status: HIT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 60 KB
20 KB 389ms
389ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2717032052517801&correlator=2136654243297289&eid=31070788%2C31070233%2C31069563&output=ldjh&gdfp_req=1&vrg=2022110701&ptt=17&impl=fifs&iu_parts=58302844%2CSLDS_STB_Premium1_300_250%2CSLDS_STB_Premium2_300_250&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=240x400%7C240x350%7C300x600%7C240x600%7C300x250%2C240x400%7C240x350%7C300x600%7C240x600%7C300x250&ifi=3&adks=391805128%2C3920613386&didk=3829797630~3829797625&sfv=1-0-39&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&cust_params=SLM%3DSLM%26stb.ua46741%3D43e92c12d62d1709b11d197b8fbdbb61%26www_stb_ua%3Dwww.stb.ua%26url%3D43e92c12d62d1709b11d197b8fbdbb61%26type_page_stb%3Dnon_video&sc=1&cookie_enabled=1&abxe=1&dt=1668042632765&lmt=1668042632&dlt=1668042631693&idt=668&adxs=1000%2C1000&adys=998%2C2467&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1&ucis=3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.stb.ua%2Fua%2F&frm=20&vis=1&psz=300x0%7C300x0&msz=240x0%7C240x0&fws=0%2C0&ohw=0%2C0&ga_vid=456295650.1668042632&ga_sid=1668042633&ga_hid=1444259604&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110701.js?cb=31070788

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d827e28626fd587757ec767f4dc472b690c332a47122535f14489517fd9a236d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20563
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.stb.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK csyncs Show response
ghb.adtelligent.com/ 80 B
360 B 28ms
28ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/csyncs?aid1=467848&aid2=587777
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19306/hbw_master_266844_676.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: d756659afc46966f0cc598df2edf870eeb2687a8d5db64a65602362a1e6712dd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 01:10:32 GMT
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.stb.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 80

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5148 0
0 77ms
77ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstetvkzJp0_jVaCJG46PJPAClEICe_GJ_k4pKCQR59fiyPe9LSLOgTJi0hmee1v9SGWQnJfTHn66ZtvkrGzrhB-sTZLJkbZWIIWJ3M9ydtXXAXn7iltfQ4-GGu_YSW-RPFye1nL_QANXqp-soDXB_BHqMv4prbWvgt_B_SwpR_IQag57GXC_jAZxdwdRDKvcPe7bh7yGwiOJg4n959nkuWl6XZ2aprdSuRwSfmQWItLVQA1qOSs8Fyya-6fn6ekYcGWkR-W6WrmfCjPmMGYQ80Zz8Tp1T544-jalqtqLp7wULQvzhvmNOZjJKicbDT98OCMPutVIUOq6wPEnPG-AEB392w3&sai=AMfl-YQlxLRUKiM1hAU-Lhxn3DzJF_NC9aL_vRC1PyCy-p-Nqi5YC37C6hxOwB37rMCOVaK2AnwBaF_YG6lwAjbM2PJo_5w0T2RIxilu80PSQMfV5j7K4RoRvAoFddqi_KYfdA&sig=Cg0ArKJSzBlsPYU91TI2EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.stb.ua
URL: https://www.stb.ua/ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221107/r20110914/client/ Frame 5148 3 KB
2 KB 130ms
40ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221107/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110701.js?cb=31070788

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 23:19:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6646
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Nov 2022 23:19:46 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5148 154 KB
48 KB 136ms
49ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110701.js?cb=31070788

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48226
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667997631252355"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Nov 2022 01:10:32 GMT

GET
H2 200 1232191844120397763
tpc.googlesyndication.com/simgad/ Frame 5148 307 KB
307 KB 130ms
41ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1232191844120397763

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110701.js?cb=31070788

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bb48c45ce522c83ed939c118b1fe445795a19c3390efd567a7636da59f30e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 16:03:51 GMT
x-content-type-options: nosniff
age: 119201
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314047
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 14:15:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 08 Nov 2023 16:03:51 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5148 0
0 133ms
49ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQKyQyJlbBUzCjXSHN8rm3K1n1C5JZr3Iwt7ccFPLUQ5oMpY-iTUJuFyJzNMHJRiTgvHgjZ2S3TwfzoGkTmXItuwMrmIA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110701.js?cb=31070788
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 5148 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4a7f41643695f7bf4fe98eee93638ec73996c5014c9bc4770cfa8278b787030

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 139ms
61ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-4596660-4&cid=456295650.1668042632&jid=1579232469&_u=YCDAAEABAAQCAGAAI~&z=2000813186

Requested by

Host: www.stb.ua
URL: https://www.stb.ua/ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.co.uk/ads/ 42 B
63 B 139ms
57ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-4596660-4&cid=456295650.1668042632&jid=1579232469&_u=YCDAAEABAAQCAGAAI~&z=2000813186

Requested by

Host: www.stb.ua
URL: https://www.stb.ua/ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 83ms
40ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=848750975747463&ev=PageView&dl=https%3A%2F%2Fwww.stb.ua%2Fua%2F&rl=&if=false&ts=1668042632867&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668042632866.1352426978&it=1668042632547&coo=false&rqm=GET

Requested by

Host: www.stb.ua
URL: https://www.stb.ua/ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 10 Nov 2022 01:10:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H/1.1 200
OK slmp
pixel.adtelligent.com/ Frame F4CC 43 B
229 B 332ms
116ms Image
image/gif 23.227.138.196
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adtelligent.com/slmp?Event=3&Type=0&Version=0.0.0&Aid=0
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.227.138.196 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 01:10:33 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK slmp
pixel.adtelligent.com/ Frame F4CC 43 B
229 B 316ms
102ms Image
image/gif 23.227.138.196
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adtelligent.com/slmp?Event=4&Type=0&Version=0.0.0&Aid=40298
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.227.138.196 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 01:10:33 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3 200 icomoon.woff
api-esp-eu.piano.io/public/sdk/v04/widgets/base/fonts/ Frame 2E5A 3 KB
2 KB 52ms
52ms Font
application/font-woff 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp-eu.piano.io/public/sdk/v04/widgets/base/fonts/icomoon.woff?vu.1.99.7-e94fd99

Requested by

Host: api-esp-eu.piano.io
URL: https://api-esp-eu.piano.io/publisher/unattended/52?wv=122&v=vu.1.99.7-e94fd99

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

313c92b6eab9e17856119beb0a1790ca754193d91c1e4e2ead32b8e976cc0a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://api-esp-eu.piano.io/publisher/unattended/52?wv=122&v=vu.1.99.7-e94fd99
Origin: https://api-esp-eu.piano.io
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:32 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 41964
x-cache-status: MISS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 04 Nov 2022 18:45:39 GMT
server: cloudflare
etag: W/"b70-18443f68038"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/font-woff
access-control-allow-origin: https://api-esp-eu.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 767ae8b7bd1f7689-LHR
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Fri, 10 Nov 2023 01:10:32 GMT

GET
H/1.1 200
OK / Show response
ads213.adtelligent.com/2v/ 2 KB
1 KB 117ms
36ms XHR
application/json 2a0c:5c81:5139:0:baca:3aff:fe65:6d64
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads213.adtelligent.com/2v/?vmAdID=8D24C9ADD1131BCF&aid=40298&width=640&height=360&site_full_url=https%3A%2F%2Fwww.stb.ua%2Fua%2F&top_domain=https%3A%2F%2Fwww.stb.ua&v=2.7.198&t=js&sid=789&cb=1668042632435&format=outstream&site_id=STB_Outstream&vpaid_type=2&is_secure_frame=false
Requested by: Host: static.adtelligent.com
URL: https://static.adtelligent.com/static/jsvpaid.js?cb=21092153&vast_domain=https%3A%2F%2Fwww.stb.ua%2Fua%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5139:0:baca:3aff:fe65:6d64 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 033db535d07fec060331b9fa19cede503da0b8f6dab5a2cbc0ae3226bfbb3946

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 01:10:32 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.stb.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 1172

GET
H/1.1 200
OK sync.js Show response
s.adtelligent.com/ Frame F4CC 965 B
729 B 29ms
28ms Script
text/javascript 2a0c:5c81:5139::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.js?aid=40298
Requested by: Host: static.adtelligent.com
URL: https://static.adtelligent.com/static/jsvpaid.js?cb=21092153&vast_domain=https%3A%2F%2Fwww.stb.ua%2Fua%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 8817fd7b4795e9f345af1a6ee1ecc5dc6b04a4f35f66e5542e75cba65b0f9735

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 01:10:32 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 457

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
308 B 43ms
43ms XHR
text/plain 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.stb.ua&pubid=f7e8cac4-1bcc-4a33-a6c1-7cf8b2305f1a
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 19:37:10 GMT
via: 1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 20002
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.stb.ua
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: 61W8JrhILM90pTNlgA5OWZuQxHk-G0HSpDluTr5ayLf9BcCrRI-GBg==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
458 B 216ms
81ms XHR
text/javascript 108.157.6.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.stb.ua%2Fua%2F&pid=f6dmhf7NJxRSc&cb=0&ws=1600x1200&v=22.1107.1609&t=2900&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1472564131701-0%22%2C%22s%22%3A%5B%22240x400%22%2C%22240x350%22%2C%22300x600%22%2C%22240x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F58302844%2FSLDS_STB_Premium1_300_250%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1472564131701-1%22%2C%22s%22%3A%5B%22240x400%22%2C%22240x350%22%2C%22300x600%22%2C%22240x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F58302844%2FSLDS_STB_Premium2_300_250%22%7D%5D&pubid=f7e8cac4-1bcc-4a33-a6c1-7cf8b2305f1a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.6.231 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-6-231.dus51.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:33 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 b1dc6a0d7547e8d4ab339f8c4caf9ea8.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: DUS51-P2
x-amz-rid: GKHZ8NVTJ8D6X2SAA5YZ
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.stb.ua
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: _K9j0JtGp6bRoaAi6T32KJ0V4t3yrMnqA_c8P3zst5KQ3t8bj0fSSw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 129ms
44ms XHR
application/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: 73Lfxs6DHpOgTaZAZUymb39ifEt2PRR2
content-encoding: gzip
via: 1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront)
date: Wed, 09 Nov 2022 20:12:22 GMT
x-amz-cf-pop: FRA56-P6
age: 17893
x-cache: Hit from cloudfront
last-modified: Tue, 08 Nov 2022 20:12:15 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: bpSWC_y0swQV0xteF0UCUbr7kFNe6hDAxgBL8nqlRTgO-g7yvEwT2g==

GET
H/1.1 200
OK request Show response
aux-log2-sh.adtelligent.com/campaign/ 43 B
277 B 360ms
99ms XHR
image/gif 107.151.2.114
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://aux-log2-sh.adtelligent.com/campaign/request?cmpId=29171&protocol=vpaidjs&waterfall_position=1&waterfall_id=18546926&advId=27865&isvm=0&performance=4.097759246826172&cb=1668042632435&format=outstream&height=360&width=640&site_id=STB_Outstream&site_full_url=https%3A%2F%2Fwww.stb.ua%2Fua%2F&aid=40298&sid=789&v=2.7.198&t=js&adId=8D24C9ADD1131BCF&env=desktop&country=82&is_secure_frame=false&domain=https%3A%2F%2Fwww.stb.ua&tte=0
Requested by: Host: static.adtelligent.com
URL: https://static.adtelligent.com/static/jsvpaid.js?cb=21092153&vast_domain=https%3A%2F%2Fwww.stb.ua%2Fua%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.151.2.114 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.stb.ua
Date: Thu, 10 Nov 2022 01:10:32 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

GET
H3 200 ima3vpaid Show response
tpc.googlesyndication.com/ 884 B
525 B 132ms
48ms XHR
text/xml 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F58302844%2FSLDS_Outstream_Roll_VErta%26description_url%3Dhttps%253A%252F%252Fstb.ua%26tfcd%3D0%26npa%3D0%26ad_type%3Daudio_video%26sz%3D640x360%257C640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D0%26vpa%3Dclick%26type%3Djs%26vad_type%3Dlinear&cb=1668042633027

Requested by

Host: static.adtelligent.com
URL: https://static.adtelligent.com/static/jsvpaid.js?cb=21092153&vast_domain=https%3A%2F%2Fwww.stb.ua%2Fua%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

405b21df23095aae7e6ed2917c68481aa2a31b934ec0f7b2b9353bba97a2a892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://www.stb.ua
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 503
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5148 0
0 81ms
81ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssjYPY9cjkTOvTkzqNnLZMUEmuGv0XsCN4Z2m1S8vBZ-QDam8TTx_AeceySe2v2MXwbSdMsKK45jnNaxBAxQkI9gVZ5rgB0VQ9XvrXnC3ungwnDxzTxl_zFqbpRs58Bcbip8EaxfiNaoZLnLZnG0_R2BO2qx23F0O24wY7RVd7kKf8MstOL9CGMpTCQxPZYZ1iDrqeAZs0_wGJZXFDoq3GHDGk9u1A1Wu3JENoxIQsXC62vq9gbhfQYrc4-Ja3-6-DoaQKlZwnPRf6S9DZZ-fILKtr7NRS67yxF3DKMCmtaUasnDlMVxYj7U5F1vwQE2cPaC0JO-4OM&sai=AMfl-YQFrJDZ7Bj0hjEiTVIATz7GjlF_o6WJbOJIPw9dY2-rg8B3G1RqnLP8jG1toMHfTCivyJF8OxIM8IvZQvg6g4XU9zaUsW_MEQ5ixFv2XiFHCy1QUwMXSp67ZsyRgvkEqg&sig=Cg0ArKJSzKcxCfmpIcVtEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 10 Nov 2022 01:10:33 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 145ms
55ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022110701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110701.js?cb=31070788

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d0a7bd4544e11f2da3687c284086a7c4c3e5e4eb5ae3d60cfa4fa575e20dc72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11308
x-xss-protection: 0

GET
H3 200 container.html Show response
28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 88A9 6 KB
3 KB 124ms
41ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110701.js?cb=31070788

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.stb.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 2988
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 01:10:32 GMT
expires: Fri, 10 Nov 2023 01:10:32 GMT
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 95CE 6 KB
3 KB 119ms
43ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110701.js?cb=31070788

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.stb.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 2988
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 01:10:32 GMT
expires: Fri, 10 Nov 2023 01:10:32 GMT
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame FAFB 43 KB
16 KB 143ms
40ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/58302844/SLDS_Outstream_Roll_VErta%26description_url%3Dhttps%253A%252F%252Fstb.ua%26tfcd%3D0%26npa%3D0%26ad_type%3Daudio_video%26sz%3D640x360%257C640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D0%26vpa%3Dclick%26type%3Djs%26vad_type%3Dlinear%26channel%3Dvastadp

Requested by

Host: static.adtelligent.com
URL: https://static.adtelligent.com/static/jsvpaid.js?cb=21092153&vast_domain=https%3A%2F%2Fwww.stb.ua%2Fua%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

947075e4c1ceb25016e75bfd26c3dde0679fb91edde374c9f516796ac03946b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:59:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 657
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15790
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=900
accept-ranges: bytes
expires: Thu, 10 Nov 2022 01:14:36 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 2EAE 0
15 B 40ms
40ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.stb.ua
Referer: https://www.stb.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.stb.ua
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 01:10:33 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110701.js?cb=31070788

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Nov 2022 01:10:33 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 261F 624 B
242 B 141ms
59ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQtJmtAhiZwv7NATAB&v=APEucNVrnNTCHqJAAYslRewdhncs1EnPwxsk7TKaACT6uj3hCWBlaSW97_DbJ1qjwipRTIr4BATBuWXch7DSTPcsX62jB3ol8TAQMpxvc9QkrCAvTi80-Mv6iC1W5cc-4_Ku9VkaVzNvSHQO8JnVT87zCXTdsqDxMK6WTvQAXfDg1H7V18LipNc

Requested by

Host: 28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com
URL: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 01:10:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 88A9 15 KB
11 KB 154ms
73ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BcDmwCfA31ZMWxKALMs5dPLyDi3DWmCXlu0KijiWLyf81LZu2r4UhsCg2v8bJ-OsW3si3bH2e4-CTefNGCxCzkAHxA8b5DovkGvmCP7N13Ak64y37dsinsqWLWM4IJuLwpI5eB6Kh8GQSycld0DqgcKQMQt2YtzQGOakYMp1hGr856VPE&cry=1&dbm_d=AKAmf-BIJZZXyf9aZ9S7TaV7dHBXQyZC7nDDowa0UjvFPLjDoNVWdF2hqlM4qGCrhv1DC_gwxNCr2BARa5cZFiADuP4XIxvfj5hF7D4hLgvBOPizKVNoflcXcyfNWltDv2EKCOji9xdmztMm_4zTUGvztVJBP5qABiy01zJ0lGqytk_PirWJ12tqNu2hsM02tTOkrCd2C42wGTP5bbjF76gWNTgFMIEq8bnX2Zh0yHRi8WAnsRGttt0yTVSO1O_gSeBKRRQ1GZayCxa3pNyvISqPSLrqv5FDXxmrJ8TbE0WDTyTe0P7zsnEAn_nuk66kGcQmoB2yHTA1avCTD9tEO1sXHslsuQMut4aF0jp9PD77xazJ5ryUS0jz5UinCd7sQhVY-voKCmivEAQ7U2YBbEOvpxlGeHDHlE6hChPe02vN8ltuOW3vCJHNUrLSrt9O8lCZN2Vf00wcnyCgeo-Waf9D32dvxNA-IjUhhBS0S4-wnnXcxiqAMVBGwi1Sw-txN3q6z8Y8PcEp6BSBhw_L4JzAK0V3NAmIrljPYLXUZMDvphN5m2xKwzHkVlbYUjlTIgdcLQ1HHfTT7NxS7z6VT8Cu7Ejrny7Jmv0a3k2SUm5LDi2Ycv5Wr7ip8tPmOLIfr3M7TLkYwphm7sbDn0lWT5ejLa6HKqIPR76I400yGqc1xWLfkdJjhsLYcIRjjtXiKDTggIFbZlngkVhC0cYQgXMtybanZakw5W0cu4xjEweHT-sEnz_VEr4C-xy9JvfZ8ILWAVGbvlQ1KMxQeKBunAM38YZlPqah1gaLOoJFLFUukeSoU5MEoWSkY7lzYo4GiUMvosUZVmKRgHPfFG86d-KqWmvYlMXu8gj9a8wa6pZM23ObUHWAmgM_P-7_PGRGLQP6mPKjPCgGU7L8qTJxPHOwzv-_Cjb-Fv5wld5w33Hn-aIo0nzqQG_igC0l5QaDgaXvBXsSfUmqzFsEg7g9PkJgj7nxjDua3ZnxKqY9eaOy89Ek8-gxB3pfM9WN-H3NAypQHZIGVEWGHQCPmAJj0JCn_uzArYlsAgUEK65ZuE-pvLZzJuNqANLk2hCwgq9v_YQLOxjnwvF5YisWFdySWNy-_7Kk_K4sU38FfKwatwdVbAiLhysWQeMqmlen6gHoEfzJxyZKmVxjeQLfBkaI83RlplUhz7oGw6wBRW9erBnm7vd5USoLaFLUfzCIMAoOgvweN6pena1_LX_8U14scI0yBsVeT_1hGX59QwrVUdJsUk9hbZQor5dqRisJ2fwXrK7NwGQ6Pe8QxLsWlGvp6PDeE_LxINLzsEzB9RO5roE5neymGccXmf3F51MiWY2_Ynnyqx6RfD1i1CBp-6Loe0xA6SKjJs-Gr2-tJ1GMvOJF7SmIZfX-OW9qd7NAe50JBA2I9dx37bT0l8eT7J6r4wDmg1AL8R2Jw-b9ke6oj3UUMbj-w__B5knqn7NfeO_YR4mNpIvN4azvDPIBrdKzmkHPpStzSsd2EoCYPQNv9TwU2_WWLC5FXI_BAQPJT0LG-77bDnSMP2wVSwxgmv0NI9NV86iMDpkHTMagYAuMOZaegCunWCVMl3g42oGMfos9RDW9v8ANPKGFjJ_yfPtxzGFlN0wj3JV2qqhP63mcevJyehwQMP2JEnNMKg7eAVMQGkEbvmwNEsQF6RkZHBXs2hBAygj-kjJWibuRnT78QyGFaNR8z8BjQWuI8x4PBldNmb7zTE3ZcoxeRBdJEUVOenwKaIgqs6fFINS7yETG_N5nP561CRjPTYpV_IvSgYJ9uYMffOYCNW3Bc3Zv4h6mwILuzAicnsqftkx2bhiDYT0NlsL8PGhFEMhcRdEtT8iqQmMner7Z50ap9Rm8wX7xfLzt_Zhz7y6zUhmcpOPmaad2Wc0Wd6vB58XBet9Ectxfne35xGXOyfPRX7aqKcNMh-Pfk1f5CSyJW_eMA_bvcOlyFRrmEb7a12tSQTUgGxCWtkwSCreNNbyQdwWY2WZDyo0TgbYlFgRIbv6X72GjunA3oRwVipelI1Kk9hJERh7Kg1fcmeVNPXNCvynvJWOzhXpTGfeKHDjgIzA9-i-BilKd2NkKaD9xeiLg898kBiPkkoMVxiCXcRoCKpeX0JzukDUQhHjTmse57129STFxp3Y36SNwTrpmhZN2_xqKeE647erh4dd-jD1KaPJiYWa76JhvENLPGDUuVnYtZNhpCeIEloN9zb7nS1KTC5mmF65-dK-yxkCV1gb2kjlDKSjW9zSnWWIY6CHLd2Rx-dQGPlyKsJvOxTo9fHgq4SY5MIGQsLSOLEFVr7VhY1aVpAfRPh31WrpSPQsH_OAK0C8GJ7r7j6OTGC49SzI1hhqDq97AYsj7hjeKs28IbLcArvPuA-LraeeeCufA-n_dxfJ-Ulu3Gne0iKlTK34ytmm4euEikQV2rSHD6GueUL9joEsphSONEyZs6uxV31lNu079a7C1ZXHDTAIGk3wg2NiOV7rFydfnv-I9keeB0ob44AYjfWYpeGfEIn6Qy0rxXzwrHSchNNwbTJDzINfKQg0aZ7l_eHuUNN3tuIKMmCs2maDyNT2e-lVBSvmxQp7dTit0MFF9yhv2_WXopjCPYIs9aFvDgDEGPIjFkwAI4CHBu5Iz9bWf5ee1d09BqFQqn4RQC5VgBYOo4g1AgTzwLBsciqZfx-XC52uHEn-RZZjmqM3_zvoaLuoRxxxlSMK6jfNUJRvaFpxrxiuNJhuqU8mcsY26k_jEZXTTjlAZ09WubXctu4NoQ8IEZdVpS1i2JhiPOWK5B3hSgGQZF7Q&cid=CAQSPADq26N9cgXHMumSOhsZQ4nOb31fc_uCMh8qAxxQLUjvJVg9Oijy1uHbkjKDKOBanCeT9D16_xR2U2b8ZRgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.stb.ua%252F%240

Requested by

Host: www.stb.ua
URL: https://www.stb.ua/ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

794b0b683ba559335241b5fe0f7dbbb3b9e9746c6828737ebc5ad8f18f722dd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11466
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 88A9 42 B
63 B 155ms
73ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DTgdi3jm9Mw6FRWefCgmJLZXA1aMcLKIKnIc3T64MR0FhZX203TPPM3zGdLcYEbwpmktTq1EblOhFnh4X1Cq2wQfQOxzzJA-K5oSMBU88qw6_tEL0

Requested by

Host: 28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com
URL: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 88A9 2 KB
1 KB 322ms
55ms Script
application/javascript 2a02:26f0:e300::5f64:924a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=25334725&cmp=28076520&plc=339529955&sid=5549275&aufilter1=4845432&prr=1&ppid=103&autt=1&auevent=ABAjH0gFJH57ltwL8Ra06seGfmfD&c1=4845432&auorder=1006924362&aucmp=17040911013&aucrtv=431989017&auxch=1&pltfrm=1&ausite=32559837996&turl=https://www.stb.ua/ua/&aubndl=&dvregion=0&unit=300x600
Requested by: Host: 28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com
URL: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:e300::5f64:924a Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 54e51249021fabff65b4ca7eb728f0a56cff080a37d9b0b13d1c401d5b9e6184

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 01:10:33 GMT
Content-Encoding: gzip
Last-Modified: Sun, 30 Oct 2022 09:55:21 GMT
Server: Microsoft-IIS/10.0
ETag: "42b02eb945ecd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1170

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 88A9 8 KB
4 KB 322ms
55ms Script
application/javascript 2a02:26f0:e300::5f64:924a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js
Requested by: Host: 28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com
URL: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:e300::5f64:924a Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: bb629e74741734f357fcc6f4b04d7479f04be72e6622305aded71cc872edacca

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 01:10:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Nov 2022 10:32:22 GMT
Server: Microsoft-IIS/10.0
ETag: "0fff8d26f4d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3314

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221107/r20110914/client/ Frame 88A9 3 KB
1 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221107/r20110914/client/window_focus_fy2021.js

Requested by

Host: 28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com
URL: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 23:19:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6647
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Nov 2022 23:19:46 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221107/r20110914/client/ Frame 88A9 18 KB
7 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221107/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com
URL: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db3210e947e41629be5e5fca80add11de3aa48c4b51c0256a59232cb890d3f75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 20:32:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16698
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7380
x-xss-protection: 0
server: cafe
etag: 12918171938167859976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Nov 2022 20:32:15 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 88A9 0
0 50ms
49ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTD9V9pgb0Q3-_dC0IFxQxIT117KE9ZLF3tgrxtNlLmSED7Lf1l0Z9B5DhTY48p6DDKCANpZ7EERjAV0BHiLGYRjRHrHg
Requested by: Host: 28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com
URL: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 88A9 154 KB
47 KB 139ms
57ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com
URL: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48226
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667997631252355"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Nov 2022 01:10:33 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0998 624 B
242 B 136ms
58ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQtJmtAhiZwv7NATAB&v=APEucNVjmK749RREZESqAqcyIlGZQiSR5h7h1bfqZ_REoiOU9H4EuO9kLSHlsgVc8tiyczp4SiD88oHDTv99zSOem2tbC3sM3j1NymnfnyloXoiV8etNhV0xg71k0AekwsBBvqBm399uah1OKDIW70dHxnlyAP-p8uyv50iVb1gJgVwUFKRccuU

Requested by

Host: 28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com
URL: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 01:10:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 95CE 15 KB
11 KB 155ms
77ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C5F-srM3LLeHiiWnFLz_V-BPKef4nMoY-EENFFq2XoV9rgyuCLHb5HRS3-NNwoeqafVkdMuEt_Ws27ScjGNnK_2KjI1FH83WrPOWSUwNdvBWqISkg-yLfzZTLdvrNoITYI6YaxjqjCKs0YRd3vuXF6rSQJDim8XtF1A3RfzLF_ElJNsOA&cry=1&dbm_d=AKAmf-Bu3iJSVbKKL1OdL45CpOabj18ULag13uDNy8PizNN7xcucYBAgF4Ro2JKLCL1HJI0gjkOyv9CmSeCm2WXmwSBhKlkboBJ50f9EmFE06h0MPXi8tjgOU4FrPpVTMVvZhfuFmvO1d_gnXUVWbdbZAYg7vp4oinMVbMxPPxIiN0rWaa8W4owjm1x2f1_uzhvixF0mI3vc57sJm55kxDlhF3TcOBXwHpDGvaMtTCf5kfQ6TBr1Rwp28R3r427Afu-rcb6dz63ptdBX16AxYsCmuVNlrXZ-S5rYRQv5TrXjl2fC_Ok0LXUohSr0rBeVXQDKar9jv3mid2Aoq_mh4BkAdy7FupdW0Sek27cHsCzbbIKUMacFUlUAd5kQhHKTf-bnySqlfMXjVMyKIpsU8Use5ow1EXkBIxSwnuVule3jKNVkaMlDzK2ntq-I6OAZ_RmSiqQzguuhBFXao98ggk3eK1JXfX0ZSDUXzU-C3p3sYjVRjWEXE00eu8xBHavgLg5FscwkF8h4Dy5W-_GI2nbOTl-BA9W51uA-aA1lugyvDEWVbP25how-35tHDAz3GWmrbbtc_icUS8mdf8lUwEDmxGpUmafYdCAQSVkYf-a4sGZpe5n1gpEgqxOiBkoYlzjbxuvxdP_DqOVf0oNbUxIvYe4Abq0FHn1N15W5k8QDDgRN06nijglS5bW1RXes2eEgpa9vf34LDABIrBQiI023Ll83sSPvSboiLPplFQNnkVXIv_vipZrqogM9_2zVFRm9cfo-UeOIVgacBObnxAZFJmtwpisBQx7FBNh-kh7voudTxrFevT_GdJvdL376PmcsnyIdR6E7puaCJoAHNB04NxRT4JwX0STEfj0TbnofFEmV44O-3b-U_IKMNecWXNkLHEMbiRfFEjcWPhvg-ht1uFbiY1KjUCHHNv6kED58EcLrKFg51snjJzoYmuQXoTnkfdmgA2QmU2dehLMG__yToCskjqrr67kDy5Zf7wPJh5Ra2mj8uuHFezBI6Q2GHTp20YnZxxel82PnAx1gjMiYdsBqX1R-VsxgKW2w6IxgjeLsCTR5xvtQQufbrv0bdvnjhnmFvq2rJidBUiDl32kP2W7jOKCGzDhghrMsj87fKRr21aRGxf-lXaYf01GChaGCXM8nFpzSX1qaFmr4sXhh9HYgS5rB8sQgwk_u3pCmU-Qm8ya72WNxO8Sib_ntjPweQDqN8OGUcCrSITGe_N-w42CjBDGtqsCMnoWtBI2OfxbOvldj-uUUgLgqj5h03oBYFxiShQidVqDIfxXEjUvhArXqj55atzrZpqIPcIm4c0_8h8Um9MmNbOKhxni7WRE5zGjZJInHkdvWNZWRyhUKpVQPOj3KHM2th8830x5DbZN4e24FJgc08JOtwDRpl-shHYThhbZNEQ0jVIT-QHHJimyh8o6rCi9foHd1fOqqQrJauQHzWBk97U28Un_xIg0icsj47g7LNcs7iadMzoPFa7EQQ2whN8AdXz4uyxHAd9-seiLizY64JfD5d12wMyUWjb6Yu1etcKpKPB2-Mig2wguPQjl48QVbpZHgEBkl6_QmDIpKJ5wZHeAv500-7UXIBYaoG3_Ut1BM1FmF9UwKm1md0D53BBhXs_BqQSxzg5d9i0x-MAwTIWs4fxIpdnBqLD4BVJKloxwi95-n6wLKca_xKEFHDBYSL_Msq3xBHHpdN0IZ9kaxuFfc2YW8UVtPaO4Jk61axc8sZ_N2-8C1T3gTBdIWCC8RuJG2cX1LE-x6CGOAuoyO-DcafukyWNeaIS3-cof_e4Mdks7jX7TmH9sjHNNhEyzCs46s1qTKNMvc7uDisdB84C-DFnn4qbIZfUsmSQriwdc-aLGVD_ihYoEL2-53YF5vXxgl4Do2DyY6LB_Ajx8cPuytgt705NkV5uHEf8OTWFInJd7VCmoX2uqi56V2gprv0x9kuygCjMLp3i2r35GXMe5hDt2su_JlDjWOWBUzzfUnlLxzHkK8lZpw_Di4CFxUbSUNuy5Oc5AiYIBY1qGw3OdjVao8NBRZLw4TfsxdcyRFf5_PhoWbXab4_JK6b5DO7eaTtanrANtYM30VJF2BvFBTjUkbnv4rjx0hfKZ6vjdkfksWS-AIqNn85v3F96E5XVN4BAGzcf2bfhiAOZmhnGTwLwI9zRN0b1G0GrMccNcihOaIvw1FeihRoJhxGver5SlRvl_vWrSi5HlBAOw_vo-vzAfzDoFUVicD-XY5ni1AOgelFQW-_GYJMMHZh03yPmzLwxhR7YFgvAlieS2VaDTNvUaSra53c8xsN49RkZnhgUrN9c0f4hE6brW9_niFSaSP4RCL3EO7aWyecbtvihsmOBlVgLmHU7UaQjuEACX6qxjCwOES12o3q7mV2zwStDb58LRyitKQIRiqtgy4qUsAik0fBmnyvizdv5WcOfyIrI9_RBDFarT-8D76U60TtybStKGCvNrBWuFWCAuQ_PWzXNfNevL8chF827a75mzQJcJEoXkkQFPMIUkZriOjkzqXkcYLy9OAyojy9n6FZOHGpzLK7v00yabscFWoiT63DEQFisUOFWG0mQfOUQAWeZcOsytzyAcUZyOhmwGzEoJzcSCOXZ4bDebZ68TxcaLkW46Asmp78ix3BR_j8O-AewUj7SIY9MAtve7kxbC7gg9T42vO9Ydnf12eZgmnIzLhhhJGgsCBQPBzrsx7kx1-yszMO-l0Apd9KDAwfb8xEwCTYx7MPFdudQ-oDINtaA8Kl_0MnINalsExeG0LX_Z-zrlvVjri4SB7UlCYWPw&cid=CAQSPADq26N9cgXHMumSOhsZQ4nOb31fc_uCMh8qAxxQLUjvJVg9Oijy1uHbkjKDKOBanCeT9D16_xR2U2b8ZRgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.stb.ua%252F%240

Requested by

Host: www.stb.ua
URL: https://www.stb.ua/ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ae1106000210aa0c67b180cd4a00016e801cfb9692a47a0f9d2faff890c2e72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11266
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 95CE 42 B
63 B 153ms
75ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BxP2VxhPgYdUDTTk8yCNUGVfujZD0pYTlRLinnqwFMdjIY0vR72liDKVF96l3YdD3ycm9G0WutDxft8eHUg-jlzbPyIHB1WMzxIgwvnaOG4eea3ws

Requested by

Host: 28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com
URL: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 95CE 2 KB
1 KB 319ms
55ms Script
application/javascript 2a02:26f0:e300::5f64:924a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=25334725&cmp=28076520&plc=339529955&sid=5549275&aufilter1=4845432&prr=1&ppid=103&autt=1&auevent=ABAjH0jBZTLjJqK0-jVPcohAn2GG&c1=4845432&auorder=1006924362&aucmp=17040911013&aucrtv=431989017&auxch=1&pltfrm=1&ausite=32559837996&turl=https://www.stb.ua/ua/&aubndl=&dvregion=0&unit=300x600
Requested by: Host: 28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com
URL: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:e300::5f64:924a Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 54e51249021fabff65b4ca7eb728f0a56cff080a37d9b0b13d1c401d5b9e6184

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 01:10:33 GMT
Content-Encoding: gzip
Last-Modified: Sun, 30 Oct 2022 09:55:21 GMT
Server: Microsoft-IIS/10.0
ETag: "42b02eb945ecd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1170

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 95CE 8 KB
4 KB 320ms
56ms Script
application/javascript 2a02:26f0:e300::5f64:924a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js
Requested by: Host: 28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com
URL: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:e300::5f64:924a Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: bb629e74741734f357fcc6f4b04d7479f04be72e6622305aded71cc872edacca

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 01:10:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Nov 2022 10:32:22 GMT
Server: Microsoft-IIS/10.0
ETag: "0fff8d26f4d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3314

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221107/r20110914/client/ Frame 95CE 3 KB
1 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221107/r20110914/client/window_focus_fy2021.js

Requested by

Host: 28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com
URL: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 23:19:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6647
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Nov 2022 23:19:46 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221107/r20110914/client/ Frame 95CE 18 KB
7 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221107/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com
URL: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db3210e947e41629be5e5fca80add11de3aa48c4b51c0256a59232cb890d3f75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 20:32:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16698
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7380
x-xss-protection: 0
server: cafe
etag: 12918171938167859976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Nov 2022 20:32:15 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 95CE 0
0 56ms
55ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTS9WeFzDarAGdJl7ercdPsPyIiScvLCm3GCZ4nhsH-HtzP1SLkrqEYmikIQU06qCzqz76YechzPMmCDlE9ROnyX2WHNA
Requested by: Host: 28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com
URL: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 95CE 154 KB
47 KB 152ms
72ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com
URL: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48226
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667997631252355"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Nov 2022 01:10:33 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame ECE8 13 KB
5 KB 41ms
40ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.stb.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 6499
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 23:22:14 GMT
expires: Thu, 09 Nov 2023 23:22:14 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 85F8 783 B
533 B 57ms
56ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1b0831020cdd2595174b092ddec1ffe3afd2ee0e39d7e0ef512b3a4e169462ef

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-twhpNQ_bwicM0hI8S7H0Bw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.stb.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-twhpNQ_bwicM0hI8S7H0Bw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 01:10:33 GMT
expires: Thu, 10 Nov 2022 01:10:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame FAFB 369 KB
123 KB 130ms
47ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/58302844/SLDS_Outstream_Roll_VErta%26description_url%3Dhttps%253A%252F%252Fstb.ua%26tfcd%3D0%26npa%3D0%26ad_type%3Daudio_video%26sz%3D640x360%257C640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D0%26vpa%3Dclick%26type%3Djs%26vad_type%3Dlinear%26channel%3Dvastadp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b11ef585be993e093c615916bc711fe48c27e0df2ff616306b11bb79e8e4e886

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126233
x-xss-protection: 0
expires: Thu, 10 Nov 2022 01:10:33 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FAFB 0
20 B 116ms
74ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=vpaid_adapter_js&event=init-dv3&vps=0.5469880408356347&wt=1668042633359&sdkv=h.3.543.0&xai=undefined&url=2,https%3A%2F%2Fwww.stb.ua%2Fua%2F$0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 9631 0
15 B 40ms
39ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.stb.ua
Referer: https://www.stb.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.stb.ua
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 01:10:33 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js Show response
pagead2.googlesyndication.com/bg/ Frame ECE8 36 KB
16 KB 53ms
42ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 20:04:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 450389
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15861
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 20:04:04 GMT

GET
H/1.1 200
OK received Show response
aux-log2-sh.adtelligent.com/campaign/ 43 B
277 B 99ms
99ms XHR
image/gif 107.151.2.114
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://aux-log2-sh.adtelligent.com/campaign/received?cmpId=29171&protocol=vpaidjs&waterfall_position=1&waterfall_id=18546926&advId=27865&isvm=0&performance=4.097759246826172&cb=1668042632435&format=outstream&height=360&width=640&site_id=STB_Outstream&site_full_url=https%3A%2F%2Fwww.stb.ua%2Fua%2F&aid=40298&sid=789&v=2.7.198&t=js&adId=8D24C9ADD1131BCF&env=desktop&country=82&is_secure_frame=false&domain=https%3A%2F%2Fwww.stb.ua&tte=0
Requested by: Host: static.adtelligent.com
URL: https://static.adtelligent.com/static/jsvpaid.js?cb=21092153&vast_domain=https%3A%2F%2Fwww.stb.ua%2Fua%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.151.2.114 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.stb.ua
Date: Thu, 10 Nov 2022 01:10:32 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 85F8 0
0 73ms
73ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022110701&jk=2717032052517801&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0998
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELts2P9U2dNTvBcuPAbJC-E&google_cver=1

43 B
766 B

64ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELts2P9U2dNTvBcuPAbJC-E&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQtJmtAhiZwv7NATAB&v=APEucNVjmK749RREZESqAqcyIlGZQiSR5h7h1bfqZ_REoiOU9H4EuO9kLSHlsgVc8tiyczp4SiD88oHDTv99zSOem2tbC3sM3j1NymnfnyloXoiV8etNhV0xg71k0AekwsBBvqBm399uah1OKDIW70dHxnlyAP-p8uyv50iVb1gJgVwUFKRccuU
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Nov 2022 01:10:33 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELts2P9U2dNTvBcuPAbJC-E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0998
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y2xPiQIWl1GgX2XpAbBowwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELts2P9U2dNTvBcuPAbJC-E&google_cver=1

43 B
766 B

40ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELts2P9U2dNTvBcuPAbJC-E&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQtJmtAhiZwv7NATAB&v=APEucNVjmK749RREZESqAqcyIlGZQiSR5h7h1bfqZ_REoiOU9H4EuO9kLSHlsgVc8tiyczp4SiD88oHDTv99zSOem2tbC3sM3j1NymnfnyloXoiV8etNhV0xg71k0AekwsBBvqBm399uah1OKDIW70dHxnlyAP-p8uyv50iVb1gJgVwUFKRccuU
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Nov 2022 01:10:33 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELts2P9U2dNTvBcuPAbJC-E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 0998
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOcKXN0zOfdDxi3k_kd76-Y&google_cver=1

43 B
1 KB

65ms
40ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEOcKXN0zOfdDxi3k_kd76-Y&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQtJmtAhiZwv7NATAB&v=APEucNVjmK749RREZESqAqcyIlGZQiSR5h7h1bfqZ_REoiOU9H4EuO9kLSHlsgVc8tiyczp4SiD88oHDTv99zSOem2tbC3sM3j1NymnfnyloXoiV8etNhV0xg71k0AekwsBBvqBm399uah1OKDIW70dHxnlyAP-p8uyv50iVb1gJgVwUFKRccuU

Protocol

HTTP/1.1

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Nov 2022 01:10:33 GMT
AN-X-Request-Uuid: 2bafac5a-1e53-4293-bdd8-39db6f003f3b
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.106; 217.138.196.106; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEOcKXN0zOfdDxi3k_kd76-Y&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0998
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE2NTE0NjQ5Njc2MDg1MDg2Nw%3D%3D

170 B
188 B

126ms
51ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE2NTE0NjQ5Njc2MDg1MDg2Nw%3D%3D

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 10 Nov 2022 01:10:33 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.138.196.106; 217.138.196.106; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 54ddfef8-da89-4cf0-b4c5-dd5a27d6d1e4
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE2NTE0NjQ5Njc2MDg1MDg2Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 261F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELts2P9U2dNTvBcuPAbJC-E&google_cver=1

43 B
766 B

64ms
39ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELts2P9U2dNTvBcuPAbJC-E&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQtJmtAhiZwv7NATAB&v=APEucNVrnNTCHqJAAYslRewdhncs1EnPwxsk7TKaACT6uj3hCWBlaSW97_DbJ1qjwipRTIr4BATBuWXch7DSTPcsX62jB3ol8TAQMpxvc9QkrCAvTi80-Mv6iC1W5cc-4_Ku9VkaVzNvSHQO8JnVT87zCXTdsqDxMK6WTvQAXfDg1H7V18LipNc
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Nov 2022 01:10:33 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELts2P9U2dNTvBcuPAbJC-E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 261F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y2xPiQIWl1GgX2XpAbBowwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELts2P9U2dNTvBcuPAbJC-E&google_cver=1

43 B
894 B

41ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELts2P9U2dNTvBcuPAbJC-E&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQtJmtAhiZwv7NATAB&v=APEucNVrnNTCHqJAAYslRewdhncs1EnPwxsk7TKaACT6uj3hCWBlaSW97_DbJ1qjwipRTIr4BATBuWXch7DSTPcsX62jB3ol8TAQMpxvc9QkrCAvTi80-Mv6iC1W5cc-4_Ku9VkaVzNvSHQO8JnVT87zCXTdsqDxMK6WTvQAXfDg1H7V18LipNc
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Nov 2022 01:10:33 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELts2P9U2dNTvBcuPAbJC-E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 261F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOcKXN0zOfdDxi3k_kd76-Y&google_cver=1

43 B
1 KB

72ms
41ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEOcKXN0zOfdDxi3k_kd76-Y&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQtJmtAhiZwv7NATAB&v=APEucNVrnNTCHqJAAYslRewdhncs1EnPwxsk7TKaACT6uj3hCWBlaSW97_DbJ1qjwipRTIr4BATBuWXch7DSTPcsX62jB3ol8TAQMpxvc9QkrCAvTi80-Mv6iC1W5cc-4_Ku9VkaVzNvSHQO8JnVT87zCXTdsqDxMK6WTvQAXfDg1H7V18LipNc

Protocol

HTTP/1.1

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Nov 2022 01:10:33 GMT
AN-X-Request-Uuid: ef76ae41-c508-44b1-8078-e87b2b23673c
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.106; 217.138.196.106; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEOcKXN0zOfdDxi3k_kd76-Y&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 261F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE2NTE0NjQ5Njc2MDg1MDg2Nw%3D%3D

170 B
188 B

133ms
51ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE2NTE0NjQ5Njc2MDg1MDg2Nw%3D%3D

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 10 Nov 2022 01:10:33 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.138.196.106; 217.138.196.106; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 5e11026f-aa98-49ff-a3ec-b9970a5950d9
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE2NTE0NjQ5Njc2MDg1MDg2Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 95CE 41 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C5F-srM3LLeHiiWnFLz_V-BPKef4nMoY-EENFFq2XoV9rgyuCLHb5HRS3-NNwoeqafVkdMuEt_Ws27ScjGNnK_2KjI1FH83WrPOWSUwNdvBWqISkg-yLfzZTLdvrNoITYI6YaxjqjCKs0YRd3vuXF6rSQJDim8XtF1A3RfzLF_ElJNsOA&cry=1&dbm_d=AKAmf-Bu3iJSVbKKL1OdL45CpOabj18ULag13uDNy8PizNN7xcucYBAgF4Ro2JKLCL1HJI0gjkOyv9CmSeCm2WXmwSBhKlkboBJ50f9EmFE06h0MPXi8tjgOU4FrPpVTMVvZhfuFmvO1d_gnXUVWbdbZAYg7vp4oinMVbMxPPxIiN0rWaa8W4owjm1x2f1_uzhvixF0mI3vc57sJm55kxDlhF3TcOBXwHpDGvaMtTCf5kfQ6TBr1Rwp28R3r427Afu-rcb6dz63ptdBX16AxYsCmuVNlrXZ-S5rYRQv5TrXjl2fC_Ok0LXUohSr0rBeVXQDKar9jv3mid2Aoq_mh4BkAdy7FupdW0Sek27cHsCzbbIKUMacFUlUAd5kQhHKTf-bnySqlfMXjVMyKIpsU8Use5ow1EXkBIxSwnuVule3jKNVkaMlDzK2ntq-I6OAZ_RmSiqQzguuhBFXao98ggk3eK1JXfX0ZSDUXzU-C3p3sYjVRjWEXE00eu8xBHavgLg5FscwkF8h4Dy5W-_GI2nbOTl-BA9W51uA-aA1lugyvDEWVbP25how-35tHDAz3GWmrbbtc_icUS8mdf8lUwEDmxGpUmafYdCAQSVkYf-a4sGZpe5n1gpEgqxOiBkoYlzjbxuvxdP_DqOVf0oNbUxIvYe4Abq0FHn1N15W5k8QDDgRN06nijglS5bW1RXes2eEgpa9vf34LDABIrBQiI023Ll83sSPvSboiLPplFQNnkVXIv_vipZrqogM9_2zVFRm9cfo-UeOIVgacBObnxAZFJmtwpisBQx7FBNh-kh7voudTxrFevT_GdJvdL376PmcsnyIdR6E7puaCJoAHNB04NxRT4JwX0STEfj0TbnofFEmV44O-3b-U_IKMNecWXNkLHEMbiRfFEjcWPhvg-ht1uFbiY1KjUCHHNv6kED58EcLrKFg51snjJzoYmuQXoTnkfdmgA2QmU2dehLMG__yToCskjqrr67kDy5Zf7wPJh5Ra2mj8uuHFezBI6Q2GHTp20YnZxxel82PnAx1gjMiYdsBqX1R-VsxgKW2w6IxgjeLsCTR5xvtQQufbrv0bdvnjhnmFvq2rJidBUiDl32kP2W7jOKCGzDhghrMsj87fKRr21aRGxf-lXaYf01GChaGCXM8nFpzSX1qaFmr4sXhh9HYgS5rB8sQgwk_u3pCmU-Qm8ya72WNxO8Sib_ntjPweQDqN8OGUcCrSITGe_N-w42CjBDGtqsCMnoWtBI2OfxbOvldj-uUUgLgqj5h03oBYFxiShQidVqDIfxXEjUvhArXqj55atzrZpqIPcIm4c0_8h8Um9MmNbOKhxni7WRE5zGjZJInHkdvWNZWRyhUKpVQPOj3KHM2th8830x5DbZN4e24FJgc08JOtwDRpl-shHYThhbZNEQ0jVIT-QHHJimyh8o6rCi9foHd1fOqqQrJauQHzWBk97U28Un_xIg0icsj47g7LNcs7iadMzoPFa7EQQ2whN8AdXz4uyxHAd9-seiLizY64JfD5d12wMyUWjb6Yu1etcKpKPB2-Mig2wguPQjl48QVbpZHgEBkl6_QmDIpKJ5wZHeAv500-7UXIBYaoG3_Ut1BM1FmF9UwKm1md0D53BBhXs_BqQSxzg5d9i0x-MAwTIWs4fxIpdnBqLD4BVJKloxwi95-n6wLKca_xKEFHDBYSL_Msq3xBHHpdN0IZ9kaxuFfc2YW8UVtPaO4Jk61axc8sZ_N2-8C1T3gTBdIWCC8RuJG2cX1LE-x6CGOAuoyO-DcafukyWNeaIS3-cof_e4Mdks7jX7TmH9sjHNNhEyzCs46s1qTKNMvc7uDisdB84C-DFnn4qbIZfUsmSQriwdc-aLGVD_ihYoEL2-53YF5vXxgl4Do2DyY6LB_Ajx8cPuytgt705NkV5uHEf8OTWFInJd7VCmoX2uqi56V2gprv0x9kuygCjMLp3i2r35GXMe5hDt2su_JlDjWOWBUzzfUnlLxzHkK8lZpw_Di4CFxUbSUNuy5Oc5AiYIBY1qGw3OdjVao8NBRZLw4TfsxdcyRFf5_PhoWbXab4_JK6b5DO7eaTtanrANtYM30VJF2BvFBTjUkbnv4rjx0hfKZ6vjdkfksWS-AIqNn85v3F96E5XVN4BAGzcf2bfhiAOZmhnGTwLwI9zRN0b1G0GrMccNcihOaIvw1FeihRoJhxGver5SlRvl_vWrSi5HlBAOw_vo-vzAfzDoFUVicD-XY5ni1AOgelFQW-_GYJMMHZh03yPmzLwxhR7YFgvAlieS2VaDTNvUaSra53c8xsN49RkZnhgUrN9c0f4hE6brW9_niFSaSP4RCL3EO7aWyecbtvihsmOBlVgLmHU7UaQjuEACX6qxjCwOES12o3q7mV2zwStDb58LRyitKQIRiqtgy4qUsAik0fBmnyvizdv5WcOfyIrI9_RBDFarT-8D76U60TtybStKGCvNrBWuFWCAuQ_PWzXNfNevL8chF827a75mzQJcJEoXkkQFPMIUkZriOjkzqXkcYLy9OAyojy9n6FZOHGpzLK7v00yabscFWoiT63DEQFisUOFWG0mQfOUQAWeZcOsytzyAcUZyOhmwGzEoJzcSCOXZ4bDebZ68TxcaLkW46Asmp78ix3BR_j8O-AewUj7SIY9MAtve7kxbC7gg9T42vO9Ydnf12eZgmnIzLhhhJGgsCBQPBzrsx7kx1-yszMO-l0Apd9KDAwfb8xEwCTYx7MPFdudQ-oDINtaA8Kl_0MnINalsExeG0LX_Z-zrlvVjri4SB7UlCYWPw&cid=CAQSPADq26N9cgXHMumSOhsZQ4nOb31fc_uCMh8qAxxQLUjvJVg9Oijy1uHbkjKDKOBanCeT9D16_xR2U2b8ZRgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.stb.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 11:24:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 481590
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Nov 2023 11:24:03 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 88A9 41 KB
15 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BcDmwCfA31ZMWxKALMs5dPLyDi3DWmCXlu0KijiWLyf81LZu2r4UhsCg2v8bJ-OsW3si3bH2e4-CTefNGCxCzkAHxA8b5DovkGvmCP7N13Ak64y37dsinsqWLWM4IJuLwpI5eB6Kh8GQSycld0DqgcKQMQt2YtzQGOakYMp1hGr856VPE&cry=1&dbm_d=AKAmf-BIJZZXyf9aZ9S7TaV7dHBXQyZC7nDDowa0UjvFPLjDoNVWdF2hqlM4qGCrhv1DC_gwxNCr2BARa5cZFiADuP4XIxvfj5hF7D4hLgvBOPizKVNoflcXcyfNWltDv2EKCOji9xdmztMm_4zTUGvztVJBP5qABiy01zJ0lGqytk_PirWJ12tqNu2hsM02tTOkrCd2C42wGTP5bbjF76gWNTgFMIEq8bnX2Zh0yHRi8WAnsRGttt0yTVSO1O_gSeBKRRQ1GZayCxa3pNyvISqPSLrqv5FDXxmrJ8TbE0WDTyTe0P7zsnEAn_nuk66kGcQmoB2yHTA1avCTD9tEO1sXHslsuQMut4aF0jp9PD77xazJ5ryUS0jz5UinCd7sQhVY-voKCmivEAQ7U2YBbEOvpxlGeHDHlE6hChPe02vN8ltuOW3vCJHNUrLSrt9O8lCZN2Vf00wcnyCgeo-Waf9D32dvxNA-IjUhhBS0S4-wnnXcxiqAMVBGwi1Sw-txN3q6z8Y8PcEp6BSBhw_L4JzAK0V3NAmIrljPYLXUZMDvphN5m2xKwzHkVlbYUjlTIgdcLQ1HHfTT7NxS7z6VT8Cu7Ejrny7Jmv0a3k2SUm5LDi2Ycv5Wr7ip8tPmOLIfr3M7TLkYwphm7sbDn0lWT5ejLa6HKqIPR76I400yGqc1xWLfkdJjhsLYcIRjjtXiKDTggIFbZlngkVhC0cYQgXMtybanZakw5W0cu4xjEweHT-sEnz_VEr4C-xy9JvfZ8ILWAVGbvlQ1KMxQeKBunAM38YZlPqah1gaLOoJFLFUukeSoU5MEoWSkY7lzYo4GiUMvosUZVmKRgHPfFG86d-KqWmvYlMXu8gj9a8wa6pZM23ObUHWAmgM_P-7_PGRGLQP6mPKjPCgGU7L8qTJxPHOwzv-_Cjb-Fv5wld5w33Hn-aIo0nzqQG_igC0l5QaDgaXvBXsSfUmqzFsEg7g9PkJgj7nxjDua3ZnxKqY9eaOy89Ek8-gxB3pfM9WN-H3NAypQHZIGVEWGHQCPmAJj0JCn_uzArYlsAgUEK65ZuE-pvLZzJuNqANLk2hCwgq9v_YQLOxjnwvF5YisWFdySWNy-_7Kk_K4sU38FfKwatwdVbAiLhysWQeMqmlen6gHoEfzJxyZKmVxjeQLfBkaI83RlplUhz7oGw6wBRW9erBnm7vd5USoLaFLUfzCIMAoOgvweN6pena1_LX_8U14scI0yBsVeT_1hGX59QwrVUdJsUk9hbZQor5dqRisJ2fwXrK7NwGQ6Pe8QxLsWlGvp6PDeE_LxINLzsEzB9RO5roE5neymGccXmf3F51MiWY2_Ynnyqx6RfD1i1CBp-6Loe0xA6SKjJs-Gr2-tJ1GMvOJF7SmIZfX-OW9qd7NAe50JBA2I9dx37bT0l8eT7J6r4wDmg1AL8R2Jw-b9ke6oj3UUMbj-w__B5knqn7NfeO_YR4mNpIvN4azvDPIBrdKzmkHPpStzSsd2EoCYPQNv9TwU2_WWLC5FXI_BAQPJT0LG-77bDnSMP2wVSwxgmv0NI9NV86iMDpkHTMagYAuMOZaegCunWCVMl3g42oGMfos9RDW9v8ANPKGFjJ_yfPtxzGFlN0wj3JV2qqhP63mcevJyehwQMP2JEnNMKg7eAVMQGkEbvmwNEsQF6RkZHBXs2hBAygj-kjJWibuRnT78QyGFaNR8z8BjQWuI8x4PBldNmb7zTE3ZcoxeRBdJEUVOenwKaIgqs6fFINS7yETG_N5nP561CRjPTYpV_IvSgYJ9uYMffOYCNW3Bc3Zv4h6mwILuzAicnsqftkx2bhiDYT0NlsL8PGhFEMhcRdEtT8iqQmMner7Z50ap9Rm8wX7xfLzt_Zhz7y6zUhmcpOPmaad2Wc0Wd6vB58XBet9Ectxfne35xGXOyfPRX7aqKcNMh-Pfk1f5CSyJW_eMA_bvcOlyFRrmEb7a12tSQTUgGxCWtkwSCreNNbyQdwWY2WZDyo0TgbYlFgRIbv6X72GjunA3oRwVipelI1Kk9hJERh7Kg1fcmeVNPXNCvynvJWOzhXpTGfeKHDjgIzA9-i-BilKd2NkKaD9xeiLg898kBiPkkoMVxiCXcRoCKpeX0JzukDUQhHjTmse57129STFxp3Y36SNwTrpmhZN2_xqKeE647erh4dd-jD1KaPJiYWa76JhvENLPGDUuVnYtZNhpCeIEloN9zb7nS1KTC5mmF65-dK-yxkCV1gb2kjlDKSjW9zSnWWIY6CHLd2Rx-dQGPlyKsJvOxTo9fHgq4SY5MIGQsLSOLEFVr7VhY1aVpAfRPh31WrpSPQsH_OAK0C8GJ7r7j6OTGC49SzI1hhqDq97AYsj7hjeKs28IbLcArvPuA-LraeeeCufA-n_dxfJ-Ulu3Gne0iKlTK34ytmm4euEikQV2rSHD6GueUL9joEsphSONEyZs6uxV31lNu079a7C1ZXHDTAIGk3wg2NiOV7rFydfnv-I9keeB0ob44AYjfWYpeGfEIn6Qy0rxXzwrHSchNNwbTJDzINfKQg0aZ7l_eHuUNN3tuIKMmCs2maDyNT2e-lVBSvmxQp7dTit0MFF9yhv2_WXopjCPYIs9aFvDgDEGPIjFkwAI4CHBu5Iz9bWf5ee1d09BqFQqn4RQC5VgBYOo4g1AgTzwLBsciqZfx-XC52uHEn-RZZjmqM3_zvoaLuoRxxxlSMK6jfNUJRvaFpxrxiuNJhuqU8mcsY26k_jEZXTTjlAZ09WubXctu4NoQ8IEZdVpS1i2JhiPOWK5B3hSgGQZF7Q&cid=CAQSPADq26N9cgXHMumSOhsZQ4nOb31fc_uCMh8qAxxQLUjvJVg9Oijy1uHbkjKDKOBanCeT9D16_xR2U2b8ZRgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.stb.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 11:24:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 481590
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Nov 2023 11:24:03 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame ECE8 0
10 B 40ms
39ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?wY7O-g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1387 22 KB
8 KB 40ms
40ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 481590
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 11:24:03 GMT
expires: Sat, 04 Nov 2023 11:24:03 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame BE09 22 KB
8 KB 41ms
41ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 481590
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 11:24:03 GMT
expires: Sat, 04 Nov 2023 11:24:03 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bridge3.543.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 3EDD 686 KB
221 KB 42ms
42ms Document
text/html 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.543.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6bc59f44e24e22caa74b10ed80241a95067ac087249eaa2d06d4319d6b5fbbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 545310
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 226184
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 17:42:03 GMT
expires: Fri, 03 Nov 2023 17:42:03 GMT
last-modified: Thu, 03 Nov 2022 17:37:29 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame FAFB 44 KB
17 KB 136ms
47ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Nov 2022 01:10:33 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame FAFB 107 B
122 B 137ms
56ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js Show response
pagead2.googlesyndication.com/bg/ Frame 1387 36 KB
16 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 20:04:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 450389
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15861
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 20:04:04 GMT

GET
H3 200 M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js Show response
pagead2.googlesyndication.com/bg/ Frame BE09 36 KB
16 KB 45ms
43ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 20:04:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 450389
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15861
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 20:04:04 GMT

GET
H/1.1 200
OK dvbs_src_internal113.js Show response
cdn.doubleverify.com/ Frame 88A9 59 KB
19 KB 60ms
59ms Script
application/javascript 2a02:26f0:e300::5f64:924a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal113.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=25334725&cmp=28076520&plc=339529955&sid=5549275&aufilter1=4845432&prr=1&ppid=103&autt=1&auevent=ABAjH0gFJH57ltwL8Ra06seGfmfD&c1=4845432&auorder=1006924362&aucmp=17040911013&aucrtv=431989017&auxch=1&pltfrm=1&ausite=32559837996&turl=https://www.stb.ua/ua/&aubndl=&dvregion=0&unit=300x600
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:e300::5f64:924a Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: c2da1bde386dc1e71e6f0cf3ddcce6650ba703109c5194f52c991f48755ad806

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 01:10:33 GMT
Content-Encoding: gzip
Last-Modified: Sun, 30 Oct 2022 09:56:00 GMT
Server: Microsoft-IIS/10.0
ETag: "0b85bd045ecd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19448

GET
H/1.1 200
OK dvbs_src_internal113.js Show response
cdn.doubleverify.com/ Frame 95CE 59 KB
19 KB 60ms
59ms Script
application/javascript 2a02:26f0:e300::5f64:924a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal113.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=25334725&cmp=28076520&plc=339529955&sid=5549275&aufilter1=4845432&prr=1&ppid=103&autt=1&auevent=ABAjH0jBZTLjJqK0-jVPcohAn2GG&c1=4845432&auorder=1006924362&aucmp=17040911013&aucrtv=431989017&auxch=1&pltfrm=1&ausite=32559837996&turl=https://www.stb.ua/ua/&aubndl=&dvregion=0&unit=300x600
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:e300::5f64:924a Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: c2da1bde386dc1e71e6f0cf3ddcce6650ba703109c5194f52c991f48755ad806

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 01:10:33 GMT
Content-Encoding: gzip
Last-Modified: Sun, 30 Oct 2022 09:56:00 GMT
Server: Microsoft-IIS/10.0
ETag: "0b85bd045ecd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19448

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 95CE 443 B
547 B 256ms
56ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_140000466645&jsTagObjCallback=__tagObject_callback_140000466645&num=6&ctx=25334725&cmp=28076520&plc=339529955&sid=5549275&advid=&adsrv=&unit=300x600&isdvvid=&uid=140000466645&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.30&dvpx_strhd=0.30&brid=3&brver=99&bridua=3&dup=null&ppid=103&auevent=ABAjH0jBZTLjJqK0-jVPcohAn2GG&aucmp=17040911013&aucrtv=431989017&auorder=1006924362&ausite=32559837996&auxch=1&pltfrm=1&aufilter1=4845432&autt=1&c1=4845432&turl=https://www.stb.ua/ua/&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&prr=1&aUrlD=-1&m1=13&noc=4&fcifrms=11&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=161&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DDE3%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DDE3%5DF2Tar9EEADTbpTauTauag76_df336fbeg32fhc2hf6chege673f%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauHHH%5DDE3%5DF2TauF2Tau&dvp_exetime=4.90&aubndl=&callbackName=__verify_callback_140000466645
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal113.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 060ce65ade5c6f4fcbcec79ec47cbdf5d258aa764c231dc0abe8f0eda435ceaf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Nov 2022 01:10:34 GMT
Content-Encoding: br
X-DV-Response: 0
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: close
Expires: 11/09/2022 01:10:34

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 88A9 443 B
550 B 236ms
47ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_535863881340&jsTagObjCallback=__tagObject_callback_535863881340&num=6&ctx=25334725&cmp=28076520&plc=339529955&sid=5549275&advid=&adsrv=&unit=300x600&isdvvid=&uid=535863881340&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.20&dvpx_strhd=0.20&brid=3&brver=99&bridua=3&dup=null&ppid=103&auevent=ABAjH0gFJH57ltwL8Ra06seGfmfD&aucmp=17040911013&aucrtv=431989017&auorder=1006924362&ausite=32559837996&auxch=1&pltfrm=1&aufilter1=4845432&autt=1&c1=4845432&turl=https://www.stb.ua/ua/&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&prr=1&aUrlD=-1&m1=13&noc=4&fcifrms=11&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=161&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DDE3%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DDE3%5DF2Tar9EEADTbpTauTauag76_df336fbeg32fhc2hf6chege673f%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauHHH%5DDE3%5DF2TauF2Tau&dvp_exetime=2.70&aubndl=&callbackName=__verify_callback_535863881340
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal113.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 0036f3babb1f5df21d539a3c2b0c4efd18556febdc570073c3f0d9d79c9cc437

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Nov 2022 01:10:34 GMT
Content-Encoding: br
X-DV-Response: 0
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: close
Expires: 11/09/2022 01:10:34

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 3EDD 28 KB
8 KB 586ms
470ms XHR
text/xml 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F58302844%2FSLDS_Outstream_Roll_VErta&description_url=https%3A%2F%2Fstb.ua&tfcd=0&npa=0&ad_type=audio_video&sz=640x360%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&vpos=preroll&vpmute=0&vpa=click&type=js&vad_type=linear&channel=vastadp%2Bvpaidadp_html5&sdkv=h.3.543.0%2Fvpaid_adapter&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=996983295&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.543.0&sid=C009E406-B349-4055-BCED-52CCE75792B6&nel=0&eid=44748969%2C44765701&ref=about%3Ablank&url=https%3A%2F%2Fwww.stb.ua%2Fua%2F&dlt=1668042633195&idt=558&dt=1668042633863&cookie=ID%3Da61769675fac5897%3AT%3D1668042632%3AS%3DALNI_Makmj5ifi_4DonYdp_26NXKYoeHHw&gpic=UID%3D00000b7f69a184a4%3AT%3D1668042632%3ART%3D1668042632%3AS%3DALNI_MY2wo4DgeNle5dQyamp5gCSySy5lA&correlator=1637171196220385&scor=1117929378234439&ged=ve4_td1_tt0_pd1_la1000_er1939.480.2299.1120_vi0.0.1200.1600_vp0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.543.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc18688b4de69a2c2136442b7eb698a8ed4333955add58326223f81a4c47854c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7172
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1387 0
20 B 78ms
77ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BmJQ2iU9sY5uyGt-Cx_AP_ZqsiA0AAAAAOAHgBAI&bg=!5Oel56PNAAbvMpMzzzI7ACkAdvg8WqUKUIA0pM7BRA9eSiAtM3quEe2HrFyd-5Zyxqa-66NdxpLcCwIAAADZUgAAAAJoAQcKAHeffCBebB-FEESJj5ZYEVxFiKAy7kHpzKLCW3y3_ow3pyechlm_SsthMuyCtpGCPY7fY_egwILavpjEkSRJFEYuMNahwsQ0l6Z3zVKoTdUpp1ECR-OjVklSjDcN1wjNsjQjUh-nKYcITNKJ3s9KgCo3NcpfRAphCpkC6byJ36DyYFDuVWgwffgJc-QShW4fSDs9-ZHcej7S7qc--tV2SGCV6ANAwtWufowIelApIMrBnHjXjWgEkKh7uhkKVt4GDmGELmTr4xPP-ea74xD9YupZMUNjYG773fIkuFzfZl0ZC-1ChFTv6CNG-dAGb3T47MC-A9_GDlSoXnMNFxAiXiCBHowPkLGJgoSFjqKeH9SBHWmxjIpEcdX62FXD11ZhABnjkF1c_iZ8AtM8Y-pJGYryj-QjcuZnwQ-8Ry9JIH88c3mNk3rQHgaog7uCXzXkLaHb6pD3zozIid1GiYyzOq0GfD26AfGTcasouURdOqhvjUh-lI37C3Vw4PTSPVxo82FS4-Khb6lD5PpYqKR2FJQw7wYvrzMbG-ryKpVbwxA6uCUxHXRe2gpsSHCkJKctM6BbEnOLo7to3DVUpENNt8ijTHW3O3wspp1dRGZFOXYR7XnuPHONQ6wd3BAN2pwVLfPBtGlb00gxz0-mNIVwAerSxothDsd8HAoLATcDnku4p7JMaHiRt-3yZMPXlS7xf2sPOzBaSlzOu7xm_yTduBqBJH69k9tBcn74n2cDPARiM4LjctkSLFKrQJdbf6aj9aDmTEC0WMr2I0K9MEc4tKOxCOf_KuOP3Kqt9Maq2OLlxUknNP8l3DyY-Li3pL7PmNPuH6iqyRtuF3HiW4SlQc7C0LGE4XbUaVHNdPsWS55i3y46xd8olsLrmUN5sgbxDYCKTDAJEIzCZFJO4XnGKJppGKtFIDKsuKr6OS2HO_VA3hpxTNcX8wLOq81bMG1JZ7pUGZxNvh5snfEfxBMpCaHHVHU5Uqkp4nNNndLMWSe3UBF-V-KrgQEc90Y7a8hPDB8XqNj26WGUn8XRbSE37wCqw3fTGBt4WJBQ68qK6FszZ0yC4HbMHq0vQAiE3s7M3Ys9rG6ux2wNqDM2Axp-l2gjgwkTiO39rnaJLb-OkiqBnXBsKUyGr2DTdyZZ9a0zw3EdxUg

Requested by

Host: 28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com
URL: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BE09 0
20 B 78ms
77ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Boa6YiU9sY8OvGo3R7gOrj7CIBgAAAAA4AeAEAg&bg=!2Nul25_NAAbvMpMzzzI7ACkAdvg8WowR8dZB44AIHlM3qHl2Frs6-du9i-MjGuNintamtRDuqYgBRQIAAACdUgAAAANoAQeZAu4hOa0EgGMrXRwtwc35blWNELWEbwc4xb1CB2o1q0JrWgH62PG_n64x_w4Q8culANLFPquyFdlDgfYntJR7er1UdkCRPNY_s29L0oNhxYYX6z1jaT10bFPwlp9_KMf8O0nNUwD8ZGsgsXRqk8XcyFZsvjLFBu0THe29TiprUqgC72P_09F1NfroEXJZCdN3eO7dX6NzELFuLsN_PupH1wuwc2AsKTfwv0AtxnutnE4qu5SFlEjMUWYPHWW-lbXgiht4I1SGi3JQvPjonf9z3tBr1lgUN72mjIcgRc3GleGm9lisonkZwUzl4p0ABEIshiakY9o98SEokSobdbQ4DGodTjlZE-TQBmsDxcgzvXlX2rwzCEgDqai0XGLsX3hpUFNaWU2LVLRhadr6N3IwL38cj1Js6yFOjmM-32G46fCC7uYsuTkj0LP1g-e1TCf2HmMrgvRg8PPiDV0MURQ0LP9LzIqCai7T4SqYMztN4ox3yV9fcdrn_OTLnw4ggDGd9JaL-Gug6ZO9tJOrPzhXeZGzZdcs1UyWBAqW3BjlUlH2Z8sAtLiRBE9ptvt7NWjAOKNKNB16h211aUczqFKLhHe_RLhq3Q-r75U6uQRCqGz_cYFICaiorxpMlHIdvNhDMea3vwxieSnPSDDnPYWJARXxpL2XriTbBJ6ZRsKNKP6FNG3IohVOmkZq4F0DQvTwZ6rtNpIHVfBOChm5GwkgJa6dtE0xy2XJk-IMAejfUmGR_nJG2XA5WcYo0KAd6N6VrZLEGRkURBdSzYc_OHsETmdSz2KjGDYLeITsmrstujCSc4HmxotY633LkuTHfIbp2KDzQGwaSIinaP08jT-6_xf_6Cgu-SUqFwKcG9vSSm294HzhiBuRGm21H0Yjsz57_fsXRd-C4iWsHGVUw251gaHQpTIK9eSQ5hICV2D8ovSJbiD07vj_mhWAQ13DoNF1R1MnZZ7-XzqQHYSu4LjekTTfUEPVDJmB5QqOc6qkmgI

Requested by

Host: 28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com
URL: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame 88A9 71 KB
23 KB 191ms
87ms Script
text/javascript 74.125.133.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNV4Dblu8Znsco_jIdaCNG7ZV4JmfyQSLbU3X1WEKCj2-yQCYFQ&d=CokBAKAmf-Bq39ZAB5zSEtOY-y5sw5LrN59AXaYI6-GoG3SDDzWxEOV-ELdKYLjooJ3rVndPrqY1tbr3kTaj_2ZiHVpJCP739fvgbRMGGEDrEVMyfEvwYIIlwPcq1ljmdPo_hZgobwQT4L9sES29b7o3xBBzt_Up6r-FXUYi1QkXnMbkyovL7SgAp48S-RUAoCZ_4Ap0-jERjq6xQdfI9tviPg4DVb1GQQnsEGA5J-GsB4I-thn98UVCfGgXG4Ck8-XowcPDykF8uSi4AfSzE0Wyyk73EEgBtyEbEZ2UYfz-uXAGLpJEBR2pUyrHRS_vaQ3R549KIZqLh3mqojCuU733MWo9daPrrFuxbaCRYRWYEUiZiwlGJQtF8Lr30N13YP2eaHeyM9cRlYFXkMk2dISHgtbsJxvV35svGkhFz6lqsjHgchpej_YAI4K14u6552MMP_UbmPf-wC7hmlDY5xEytZ8zOnc6wgT0gnGewB0sguse141f3fJrReMTKQdi4vC3EJDwSmJOT5fpdMRxRo3uGZNwkxBJkaZ61-zutBBL5AJbVMwCTkFuyQVTPSoCMw_Tdy476p1_9vtWePzgr5dVpPiWqR0azwgi61-zkwu0xLf5fXxyBjmGMNpYGx1JdfcF7W1ARB-aoWv6Xt1qPNRMKHgQmBf7NszYHaZgsfxhIjOJDp_M4BPdWSsPEUWx4tRdzoRjtlZ6ewks99pJ3QHPjSeN88Yfs9jg67KQb0TC9s4ol7Y-Yhl-UfnPGSiF7xEx-uhTcf94iT4RnHPf-uqFUnAK2tyGEdNiEZCE-kcHmWg3T_TIF7nZTWiDVE-U7tOZHU-mRZEKDmtJH64KHdqQ2HFXXlIlwcn6dju30DJrNVDa8E7nGmcUw6Y9d45UqCRjfVMfEe5tQfJk8vzEtR8rJQpHYLKIZs5VbZN31D2xau7g1rtlsAEX1WfEK95OgWk6zHu1M49SPMXQw-P5n62lF7rB-4rdtuhT-8jYJGv84OnASocQdie5KczxMnUa7LWxiaJM_6IU3Dr3UodK5D88d1AucVWMdRlloL_jrdiV8yMOUZEMuMagmW2yAxqh1XIi3lnCtLqha6sZEBdOjL1_oIgvz5VlinPZykW3hBUnPoTO6AQ9eqyYr72QmiFefBQ8DpaI4akG9jMAQsPxwnYkBMMj4vQ5ZgcyM-ausM0FJqNGO2DEPLAtNYYIlaZDZ8M118yUz1kJcyM7AIK2vhB-v3MG7MsKB4c4azqn11ED_NVP3XeCM2S4F7p_hxNVA2r1uVxumpdoe2kzRO4q7ji2ZdaKrJgL6MMrwF0XFi4ltkOgpJt8cg1xFTWzGcp3UciIbCYCnZ1T_YW9sZ6yV2lfqMrYWFXzgIZgrej8YITSblpNs-Jw0qHeV4XzNRyAklwKBThyEp4Y1n2IBS_xYQ2RS7PKuHZ-ppG8a_ox4oMBWeLHq2subJFsWN3f6kmllpvSEIV4B6WJre2uHxONuXxogU1vP6lpTQp49Tnl3kOKB-ozAbhyrj-LeRA-XWPVwYKixlKfeP0FIB8mMHuBNXE8mMK7sq3fPYJQpZTkYBl_nZtQwMHUnouHFl2_OTm1OEU83wVQ8TrmseWlVcVra4JuiX7lT2Q3VTFMsk1DnYZaK94xOZ4AT5tJuGC_WI6uYGXhW-yPcEIAELIfIb4pgiU6d1czxrwBC7tyDLar7GzQEMnWmbuv0jPIwm7ZP7CJpVPiT_F8dH84K2hizlAp266KzdyNsgp-8jN1gcBC54EienzFd90B6TZZiuOvOUhoQ0gPot1hfE0TwAceNlkck2jqcf0u5nkpQC9k1jNEPNEbWjnelDTY2wcMClYT0zvVMu7iXWK90ula6ZzF5-s3kakSjIQdK_vrUtih_tlDIl5oNv_6Iu0zGWH-CMoXbsxjc6OkWCylekAl1iXdAw-NWS_SpNIp1aMNBNyVuxgHcuTuj7Lhe7HDTbNwDQG6MMMLyaxWXrh3bTQx1bncUQRghhPs2MZaVcqlEd8iyG9kvFxaKpFln_KEFeate54qNbvConfQJDPzOYommTM9YhPwnIXDw18ywvT5sxV8m-UU4pwWYnDYY_ryXs2dyb1pBse8xhN-uuGeS39Tyv0jFBxIcaQPBXa4pqbXzaNr8ItCYis9Uy9XXhq-34JaI5j9r9frlBvDF2SmhLY3tuYCLJ8z3CeYSK9xECwhcEvQo3E2GnxvdWPYZCnT034KCh-9NYVfKEiFORhIzwa5_b57goBufQfCVcxzG4ZPnUqaO0CUAkMRmAULLjuEMcqc6poeIxNsGojRJRhLycWO-VV6WuPPTp_PdXHsc-nV0zsASjj6txL-D94ZaP0GxkgG-27d_NJLRQ9zMPHipolc3REzBM0tfLame1_HsDvfM0-kSherEWCzpBFE-8wIrEdiFBERpWsHnxwx5MJILu3Jrvf3XJ9OCzj-NHnBAl51JO7LkCnJ6XegG-UGfzhkn8b5avKk4jnaoR24P6-i93xbiCth0eHH3Kg4_vuHdAhmeR73wlFiHD9dnDGC7hsN0cOKc6GSOSs7niEyKCE4VydKzKmqW2hw896c25iYJUB0-cbOgsOMgVGUNvZ7QgTXm8IoI3aQMMHI4nBVOkSHC2RV809wo8uGYNJW9NfE3Sx40Cqh6lEi_JXiRX0DDlt57t7YKDfOwEfxT_QNDcdBFSN35oLH3-YkaH8R_fu39XptFeMWYfN90CEdp4hmv4ENcIwtRASEABtPzV-B_w8XGMiZIRZ2kQkTJXHOKau5xtOETav2Cd1ZLNi2dd1UNjSDPVQHYTeWuVz5G6SE9o5oeaNZicP8aM6BUrojYLu6YlalXcyoYC8G3rBA-K05FBiImfkZyd6Jv-9YZn8iOe1P9K9OmOVi2JU9kNZyWPYie6lO_t4VwyyOIEiXhZAyL-ijESkE4jsuPh280A7_hK4X87lPhA1ZNLTM0pmQI6UZCssOhTyxLl86kJNOb06xt4MtLmjMNeb43rF2eV4HOpPW9CFRlYK4DIrJ5HVzirCheiLv7kW3jORBPH1SwJ4q9iZhqI5zYmUfFXQX8IaqJMe7uSZyecMEhIdmbhfXSck8m3Jb5U9ilvyNwH43PJBiZ7lhi-gJvo-O_pJUgvcfXGxtE7pJn4slw-XANe9xyCU5uLrZeAmlEgzWwycrJ_ALs7GKpc7BIpiYgsOgB90rXJ3srBNIiRFYYFsr9Q_mfXByJyAl5Rfzqwo2Oq8jQfyW02AJy3Q-0_KDsntX0vxR8A03ahKmp4oTju0p2N2TUhm967YytsVSnkzXNsxmsFJSYsmRCysOZgFF0qh7LakoXBZG7tCAUjdpy_lqnTi5Ip_wjy12StKDcuw7MwixG2j2d_XfjpuP-KQkDGujIFnPBSgVaqn_yKfG-YN6BiDLSMu5vdZc8sDj_O4wK9OVIReNKrO-heZTEa1wnoZ908pRTKfqpp80TiTdcqu_AcqslIzWzJEJJL__f8uo1UHkI4t-n-k0qjwucvvzVqE564enJecP_OhVlDcMfj8-d8dBfFabQAPCH-fs-1oM7AZA9Fx9arCuAHrZ8kMXtIneoOvQ-3LpKBL423c85CAhRuEeSufJqZJwq33kwhbGXtUw2SwaCecr1ApmZMRumP0HDolDplOAIHVJqdl9eqYmiDhSEEeesKQKEEuPhzNcnrwtfWzQ1Dj6IlHGRXyM2THlQSIeBcpKqyqhc_-G7PJmdjz55YJ3iNnnu4owE87yaDmt0hAdpzPOnQSvtWobD0tsYj0UyYtzDpjcekZfhGuU4qiVvTbaHJnt2fUZTTvelYtQClqes0OgxOA-yLsH935cTJrcl9ejMoc5DsvtdjTovMXB0ops9H7Eq_6fKXfEJRnxJw_NU5bUbcaP6mrrjwO_wq64sA5cr--TJ4njEVo1_rSoMBI4FcXgGkQIBBI8AOrbo31yBccy6ZI6GxlDic5vfV9z-4IyHyoDHFAtSO8lWD06KPLW4duSMoMo4FqcJ5P0PXr_FHZTZvxlGAEgE2AB

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal113.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f156.1e100.net

Software

cafe /

Resource Hash

3c91f8aca626f4b34be3b4711d8a1515a173d476afa3f98cd731f06e4a8be44b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23680
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame 95CE 71 KB
24 KB 170ms
74ms Script
text/javascript 74.125.133.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNV4Dblu8Znsco_jIdaCNG7ZV4JmfyQSLbU3X1WEKCj2-yQCYFQ&d=CokBAKAmf-BBvqUQKsRgfZRPpw9OVBQmz8uHSgHCDRT3a3x-lwrOLqpatvBao3Opfkdwv9cfHpULfLn4gwUmLWgxUqYqwQprj_Lu-2X10VtGJ2gttBRE7Tmu9rUiJwryzXqdWqUd3cJX_Lm1Jio3zf8x9AZiqC97KlbQ_V887cxWT2WRLFwCQG8iD7gSiRYAoCZ_4BWTLIhgE44_K0yOTNs3XSoAx-Ud7aZxwDGW13bCffINIhrx4joNpIeyjW2f89e4aJBBe6Vv_DWRsUWp3-w-UON4_zQjbihXdCiPFbcKEibXbR636hqE8Qhyqi2CfEy5ABvzz8276Tv98f_r43A3OyUqCiqv8ocL1yqKKU09x6SjpS6x87OirFA0wbHZKuB-ACZyqZXwaEQfytqExvoLvvu9phOEKj6eaNAJ2WZxqHjaGkgy9-Cd8Mnj0sfObjDrZ1tQ8gNcySKXjITX3T0ch4nny3rmiuQ7e_YM7RhMxumGjVH2qA0np3Fta6xTy2s_UFhgcj4GjMKrahI7GV9xuwg7Y4anDy2omip1oB4gy53J0ELLTltAj3Z0LAXcSLBaq12kA7dnRrbkl5LtXX2TSyQNyNFzk5-cNYxK-7nu-M_tsfqKN878SrTFuQ64c6O6Wve_O1NcYnTGS-qqMGJa2qztxbcEmH7cNS-hlz0xNKKR_GyjWkbpa4JicXsw_2Pei6LV1vuKd0gISN8FVyvrCFC4MSHypG10uzx-NnVNtQV-FkxBanma83rtximCJBBwcF_6QEDaEguN8uolRrUX2UrynaEBTBQR_mqtfXsGOrprdN4a1T5dmoLuy_KxRTL43GYqxZRjANoH4alsibML7jpw-Q3TYFazTHcuUQzLlJPmBJHoBSQ22_dC2AjkbqjooLiP_LbmEBVnYn407b32PUFVOhwwlvJEnuIbqZ1GauWs6F3hoGcsLITCaWRMQIz6LQFlDFSQ-e_QwN_ALoOuzSu6_0UKcau5p6RJKWU0u-USCD9-geW7GSgGzBu9_hS9GTZuTOeGvrxQWHtYqMcHRoLEYK9Jki_ym0_8rKFbAGBTQ7PmPn2VEa2SmqTgrbQTQdsx-wxQiVwknJJj0hLv1047R3SrezGMtjIYyLuL2ESytZBNIErb9jnsy2N14_zwxyNRQt7oyM8xRTZFv4waigN1SNjfMoZfVftzrjufWs7L0hNI3mnucNfSWY2z72ftrNv-CmM0K7ktnKoHj4IRJXp0SP7letsZELsYUDuWfqq9redRsz5pmuOGc34mubdiOjC-VNEe7W-bkdyh3tQGQHg9PbLOXrCYZO3O3gFSnY2O0uF29gRhu7QYaRVI8BeeYF2st-BXj3gSalTVTCDDqKXu_k3cgUWWeFSmZd3wRflxHP40QGhTPInWDbPR-xADVibPiYQ7RSzlJ8jZl6uSkDEAK9STY4RtUvQL1FTb-G4nGPOVYQxJJJCC8l7loUtOifa116Eyn50WkTy7fBuAOSDMROX_jXZuepypNEzUupxbS-BszviJRFKDGgofbn4f79FhN71wlLmxLUDKkddGETBJRZtDqpkCVqgvq0aKelt_q_a6vSTrlX0uFA1Ha_0qXqda3tNFVErHna5L18fMDXSFpJdcOVo4GVzPvxqHizgxyH3TbyG89CVO3NZRdIZot43p_Bx9iqG8IIAekFLsnacPy8ye1qF6iO5FLM0F7ToIk8xMFDZQxCiCEiRQRG3LsEAehA6pp2kJ7GxACXs5g8luq_7D3TOCuCPyXwcojRnhGFuW79wpOztlq11KS5uIqbg0lZ6YzZJ-nVZ6OwvJDWXzZ_-VH12Xzt6JukApefBf1U8XJRdyCb6qDLJ1sZ5EuhgcA0j5Hia9XI7zcjakXeTREzCEgqwDS5yyjTJMZiIRSlF2rzfH2dLIX2W3TQwlrcqFn4HCLqtX3oie92pXFKVKLeLAY9wBBoc1m7IxacTV9irXSI2M4bu0X7tI5j0K83ce4QtzEXBS8gkSVGXvbE6pmMC4YYXabYe_2Gs9hmaXHbj9Bw1xUxrywhduUJGaanYrccUt1UutcfbP_rw6Zje9u8yZMKJVzbpwzU-kXeMMHfobaIlE34QVjUCgAbOq7R3OQAJswgl1mXH-u5d5RCLfChs4MfdJf1ARVnfpIrihLWw85CCjbuRMf5GDit2Sv_F3bqWHc_pfMuo6_aYIC6hnazhexDq9Nf5NRodXHqHFRHD5RoomosCBEESFeTjJcD9uac24XqfHN7fQEfrzLaD7Ijwhwh-oRSVo4Rai1T23v3VsoHEfOw8a2-yT5crvXxrtbOpCCRKhYJgsmdDFR2zcwlOS-Ah-a_WTtQM2LgwyaYvdp5GZWM6P-_DLteE5eUAPpxUS1h_dk3ZboEdWV0nz05eT_O9RdJ9mtCcOvbuO035cCM4AzbkGcT95Z3gVmAQqE6J30DMFJYqowTafvs3HblA-DKQivjWCtwzG6GIrmcNcuf4XtAvXxF_5NuN9Sge1Gdd9-F58BVRDDaVn8brxxNVreh2iFR2QqhdkKSxekFNF-769KwZYMVbxjvxXIjGXmUH4omuthc7Z7czdl9kOfgWZwuzeVPc2C6M_BiKCaS3IKHbqDpRC_Ssculoqb8la9QvIiAm-Q1dQA3pnBlfpdP0HUjfgUC_RpW0ICQ3Cd4Eh1IGw6MkcIw2HZL15OLUiAktfPotNpMgUL1X03mDmSgD4SwrCO9M2Od6mdWuBj0TIlDVhWyGy87AZVomYDHjkBypjq7aiWj7bLd28CjNKkEAdDY6YUuwYUfrRZHJ8Q4gOn4_w3AxWOabu1joAwYpWcCQSmao1mqf0FYxwAdwIScJe082a7OHWBzHQlhxlhKe4Z4zGe7Ierv-rX6LHecAKLQENi_RBaanfJ6bCWFsKqmWOIRt2p-ipkciOTxZAxRIpfBSukPe4PuHGLq0Ucmp3p3nUJCEIaJFOBwNhRYQtQGa8t74s-IcV_2A3J-KzcBAsr35NRSGq3XhVI0iMl92fgrOOdrJpd-7O07Ho9gBpeZZRtQP42Eg3D48UCQoqgQFERbieH9Ar_3aCRIyOyEISgxyMIB3q_HRF3DrFSIuBSeVM-luEQ_bsNi3E9EEvX3pv5NKphdJhGW_Qva8dJqKvA_NqynFxBgD00Y5LWXAbUgxJZ0SAwPQaKpvR6dFXYO0DTx0HVjBc8nHp3AZUJ2dz2JQrIatKUXVTSezQgtlij4HlvCYz71JTGYOijC3l6Qs-35ZsL5rySldfuJ27QbrZn7QN_Xj4eGn8w5_UhKDz0D_u-jAUldH_AV14QPauQaYGga3NkVHGs4MsMmLua7DaGzhjtqWhcGzCL7qjHzBsymTA3IOeQxRJTfTPDP4duZlODgwzIg44yzlMlYZd5_0qzeEGjb_SdmQbD6fcZEjeTwOVHDxt_4nnyP85O88J0dyAR-AYY0XaD6jSJbxF-fM9RJsdi1-DZDG-Vp93uoIov0UIgZnFizZHWXDoQhYfsM7EswoZuj1rcLLo1XS9q1FaErkYYOq2JfTGQ5mk5hNQoeoaMrhm3vVtP4pxuM9__DespNOSxLqUWE2r_8kULZzaj0XWBlZTyxgGL4Odd3GvsRyey3k_m0JFsRPMzLsIXOxsDQIU-SiIpNkntOOVvn7s9j2jiuBzJYfNFO8zNVnAy3YnFgRTiP_vmtYuZ8C2uyn7gr7spg487t1KEdU3hOtJQFgWq14Vmql5JY-g_ESc1gDCyNp6XotdwZI71wOsS5QFyeKrTqiKntrbthfbMZ5xcZrkNElkNP9pzx_i4cfzPjCfzB385W6DjK8a0qwlJ8Ixubmy7LZKijiQzahLnxj35zGIyKcJ7I67drdTfXR0Pri9W9pfGxG_YlPtAecdZjD9BQKkQcnpHhRLeFGKU_pJ3fHItWfEaAJ0Nre9UX7xz9c7SkcOXw9Y59wQcMz7ya0u2BpECAQSPADq26N9cgXHMumSOhsZQ4nOb31fc_uCMh8qAxxQLUjvJVg9Oijy1uHbkjKDKOBanCeT9D16_xR2U2b8ZRgBIBNgAQ

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal113.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f156.1e100.net

Software

cafe /

Resource Hash

434fc2d6d831d59b11cc58c794e2bfd14015d293a17ec7f5cec5be3717c0affc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23693
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5148 42 B
64 B 159ms
74ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstBJAfsIRQKPoG36EPNTUh6jQjIzn_VV5CrCadxHfkapGbIuTU6zRynu0NAPNxN3OzVUSI60F-gK-xWq5zPYqMOGa_pk8g3zbFu3PD2C8lWabJvKY69&sig=Cg0ArKJSzL-IyoKTyrKcEAE&id=lidar2&mcvt=1002&p=0,-200,1300,1800&mtos=0,0,1002,1002,1002&tos=0,0,1002,0,0&v=20221109&bin=7&avms=nio&bs=1600,1200&mc=0.74&vu=1&app=0&itpl=3&adk=2919315043&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668042632825&rpt=249&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 78ms
77ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022110701&jk=2717032052517801&bg=!lJell9PNAAbvMpMzzzI7ACkAdvg8Wlk6panlpwxUuLGSBtGc5fqBxBKbgiaavC6Hzz5A26Tzg399uwIAAABqUgAAAApoAQeZAqMhJnrxvkUulXzVJIPk9Evm2NeDeNbMpRezu1WmT0DPBfsceFDZ7KSCmyGGui2qGWr74tenrLVEJTX8dWDtSOH8U-n-U859UXpbgVtuNqnt8NteHs0r_NZ9Y_Gb8Dpuhj_YZ5T0KQUv9LWzwXFo6W6vFNyJAG_AvXiQOHKYOGOTjn4kwU2rUmJwdB_YUB6p85sD9fSbze3AQjFTkHK7zFXxGSvl8wi5nogBpJ_76Hi53gvcbLi0rCnxvMXE6uyM7LHnEzyVkflDw2xT1qqdlFb7EOre0E11f79ULTIGPjo1tqQwdofdQxNXHXM47hzGrHyxNx7IAPF0y4X5QYS6IIXPvZULdYVXukCsstToabuOTq2v6o--VtnCSEsiBaC1iU3El8ihCER7LRXoQtTSBqj17qiucJmu529OdHMYeiwP7tEvW5gEYnBOMNo5Q2wLHsAHn4F8lD3ou09VzgTbjLUw8lSXeimh3VTSC672D17LjeXVcYsZvIBEjvZRP2hyHH0jzcz-zPb6wqb1YgoEHRr_xf7ubt-A_rk3UXrUaG2larAq20gvlhYChVFOC0ELAkauf_4zNDRdw9QT4Rz8lt6LeuLY1sR78LG09BMfxC1AaV5BDLFyIbtSHI7PK3ek0hGwx56_T-EwSEoRazPP1EPSc8kCzzX6Cshb29zJfq579bIZmJVBR7XUZ3SczYW8O_stT9MZ_FwI39fDwjC7_4dCX-FNOQRMH1ZXscD5yvDTrN0FXmPK-x4JYM0BZsCRiCFyzFMuQ3h_9AaPqOJy9Q_VxockTAGvmBbl9Ev1-FCdkcE4llKdN93-Cp_KwHGCGfB4k4xgcmmrRqFjkOwRwbUvjFzGd8_50FdYxekIIwRg0GiAtG40ajuUrOIgyOWRXDy4fus
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 95CE 170 KB
59 KB 129ms
43ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.stb.ua
URL: https://www.stb.ua/ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
Origin: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 16:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30197
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Nov 2022 16:47:17 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221107/r20110914/elements/html/ Frame 95CE 8 KB
3 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221107/r20110914/elements/html/omrhp.js

Requested by

Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNV4Dblu8Znsco_jIdaCNG7ZV4JmfyQSLbU3X1WEKCj2-yQCYFQ&d=CokBAKAmf-BBvqUQKsRgfZRPpw9OVBQmz8uHSgHCDRT3a3x-lwrOLqpatvBao3Opfkdwv9cfHpULfLn4gwUmLWgxUqYqwQprj_Lu-2X10VtGJ2gttBRE7Tmu9rUiJwryzXqdWqUd3cJX_Lm1Jio3zf8x9AZiqC97KlbQ_V887cxWT2WRLFwCQG8iD7gSiRYAoCZ_4BWTLIhgE44_K0yOTNs3XSoAx-Ud7aZxwDGW13bCffINIhrx4joNpIeyjW2f89e4aJBBe6Vv_DWRsUWp3-w-UON4_zQjbihXdCiPFbcKEibXbR636hqE8Qhyqi2CfEy5ABvzz8276Tv98f_r43A3OyUqCiqv8ocL1yqKKU09x6SjpS6x87OirFA0wbHZKuB-ACZyqZXwaEQfytqExvoLvvu9phOEKj6eaNAJ2WZxqHjaGkgy9-Cd8Mnj0sfObjDrZ1tQ8gNcySKXjITX3T0ch4nny3rmiuQ7e_YM7RhMxumGjVH2qA0np3Fta6xTy2s_UFhgcj4GjMKrahI7GV9xuwg7Y4anDy2omip1oB4gy53J0ELLTltAj3Z0LAXcSLBaq12kA7dnRrbkl5LtXX2TSyQNyNFzk5-cNYxK-7nu-M_tsfqKN878SrTFuQ64c6O6Wve_O1NcYnTGS-qqMGJa2qztxbcEmH7cNS-hlz0xNKKR_GyjWkbpa4JicXsw_2Pei6LV1vuKd0gISN8FVyvrCFC4MSHypG10uzx-NnVNtQV-FkxBanma83rtximCJBBwcF_6QEDaEguN8uolRrUX2UrynaEBTBQR_mqtfXsGOrprdN4a1T5dmoLuy_KxRTL43GYqxZRjANoH4alsibML7jpw-Q3TYFazTHcuUQzLlJPmBJHoBSQ22_dC2AjkbqjooLiP_LbmEBVnYn407b32PUFVOhwwlvJEnuIbqZ1GauWs6F3hoGcsLITCaWRMQIz6LQFlDFSQ-e_QwN_ALoOuzSu6_0UKcau5p6RJKWU0u-USCD9-geW7GSgGzBu9_hS9GTZuTOeGvrxQWHtYqMcHRoLEYK9Jki_ym0_8rKFbAGBTQ7PmPn2VEa2SmqTgrbQTQdsx-wxQiVwknJJj0hLv1047R3SrezGMtjIYyLuL2ESytZBNIErb9jnsy2N14_zwxyNRQt7oyM8xRTZFv4waigN1SNjfMoZfVftzrjufWs7L0hNI3mnucNfSWY2z72ftrNv-CmM0K7ktnKoHj4IRJXp0SP7letsZELsYUDuWfqq9redRsz5pmuOGc34mubdiOjC-VNEe7W-bkdyh3tQGQHg9PbLOXrCYZO3O3gFSnY2O0uF29gRhu7QYaRVI8BeeYF2st-BXj3gSalTVTCDDqKXu_k3cgUWWeFSmZd3wRflxHP40QGhTPInWDbPR-xADVibPiYQ7RSzlJ8jZl6uSkDEAK9STY4RtUvQL1FTb-G4nGPOVYQxJJJCC8l7loUtOifa116Eyn50WkTy7fBuAOSDMROX_jXZuepypNEzUupxbS-BszviJRFKDGgofbn4f79FhN71wlLmxLUDKkddGETBJRZtDqpkCVqgvq0aKelt_q_a6vSTrlX0uFA1Ha_0qXqda3tNFVErHna5L18fMDXSFpJdcOVo4GVzPvxqHizgxyH3TbyG89CVO3NZRdIZot43p_Bx9iqG8IIAekFLsnacPy8ye1qF6iO5FLM0F7ToIk8xMFDZQxCiCEiRQRG3LsEAehA6pp2kJ7GxACXs5g8luq_7D3TOCuCPyXwcojRnhGFuW79wpOztlq11KS5uIqbg0lZ6YzZJ-nVZ6OwvJDWXzZ_-VH12Xzt6JukApefBf1U8XJRdyCb6qDLJ1sZ5EuhgcA0j5Hia9XI7zcjakXeTREzCEgqwDS5yyjTJMZiIRSlF2rzfH2dLIX2W3TQwlrcqFn4HCLqtX3oie92pXFKVKLeLAY9wBBoc1m7IxacTV9irXSI2M4bu0X7tI5j0K83ce4QtzEXBS8gkSVGXvbE6pmMC4YYXabYe_2Gs9hmaXHbj9Bw1xUxrywhduUJGaanYrccUt1UutcfbP_rw6Zje9u8yZMKJVzbpwzU-kXeMMHfobaIlE34QVjUCgAbOq7R3OQAJswgl1mXH-u5d5RCLfChs4MfdJf1ARVnfpIrihLWw85CCjbuRMf5GDit2Sv_F3bqWHc_pfMuo6_aYIC6hnazhexDq9Nf5NRodXHqHFRHD5RoomosCBEESFeTjJcD9uac24XqfHN7fQEfrzLaD7Ijwhwh-oRSVo4Rai1T23v3VsoHEfOw8a2-yT5crvXxrtbOpCCRKhYJgsmdDFR2zcwlOS-Ah-a_WTtQM2LgwyaYvdp5GZWM6P-_DLteE5eUAPpxUS1h_dk3ZboEdWV0nz05eT_O9RdJ9mtCcOvbuO035cCM4AzbkGcT95Z3gVmAQqE6J30DMFJYqowTafvs3HblA-DKQivjWCtwzG6GIrmcNcuf4XtAvXxF_5NuN9Sge1Gdd9-F58BVRDDaVn8brxxNVreh2iFR2QqhdkKSxekFNF-769KwZYMVbxjvxXIjGXmUH4omuthc7Z7czdl9kOfgWZwuzeVPc2C6M_BiKCaS3IKHbqDpRC_Ssculoqb8la9QvIiAm-Q1dQA3pnBlfpdP0HUjfgUC_RpW0ICQ3Cd4Eh1IGw6MkcIw2HZL15OLUiAktfPotNpMgUL1X03mDmSgD4SwrCO9M2Od6mdWuBj0TIlDVhWyGy87AZVomYDHjkBypjq7aiWj7bLd28CjNKkEAdDY6YUuwYUfrRZHJ8Q4gOn4_w3AxWOabu1joAwYpWcCQSmao1mqf0FYxwAdwIScJe082a7OHWBzHQlhxlhKe4Z4zGe7Ierv-rX6LHecAKLQENi_RBaanfJ6bCWFsKqmWOIRt2p-ipkciOTxZAxRIpfBSukPe4PuHGLq0Ucmp3p3nUJCEIaJFOBwNhRYQtQGa8t74s-IcV_2A3J-KzcBAsr35NRSGq3XhVI0iMl92fgrOOdrJpd-7O07Ho9gBpeZZRtQP42Eg3D48UCQoqgQFERbieH9Ar_3aCRIyOyEISgxyMIB3q_HRF3DrFSIuBSeVM-luEQ_bsNi3E9EEvX3pv5NKphdJhGW_Qva8dJqKvA_NqynFxBgD00Y5LWXAbUgxJZ0SAwPQaKpvR6dFXYO0DTx0HVjBc8nHp3AZUJ2dz2JQrIatKUXVTSezQgtlij4HlvCYz71JTGYOijC3l6Qs-35ZsL5rySldfuJ27QbrZn7QN_Xj4eGn8w5_UhKDz0D_u-jAUldH_AV14QPauQaYGga3NkVHGs4MsMmLua7DaGzhjtqWhcGzCL7qjHzBsymTA3IOeQxRJTfTPDP4duZlODgwzIg44yzlMlYZd5_0qzeEGjb_SdmQbD6fcZEjeTwOVHDxt_4nnyP85O88J0dyAR-AYY0XaD6jSJbxF-fM9RJsdi1-DZDG-Vp93uoIov0UIgZnFizZHWXDoQhYfsM7EswoZuj1rcLLo1XS9q1FaErkYYOq2JfTGQ5mk5hNQoeoaMrhm3vVtP4pxuM9__DespNOSxLqUWE2r_8kULZzaj0XWBlZTyxgGL4Odd3GvsRyey3k_m0JFsRPMzLsIXOxsDQIU-SiIpNkntOOVvn7s9j2jiuBzJYfNFO8zNVnAy3YnFgRTiP_vmtYuZ8C2uyn7gr7spg487t1KEdU3hOtJQFgWq14Vmql5JY-g_ESc1gDCyNp6XotdwZI71wOsS5QFyeKrTqiKntrbthfbMZ5xcZrkNElkNP9pzx_i4cfzPjCfzB385W6DjK8a0qwlJ8Ixubmy7LZKijiQzahLnxj35zGIyKcJ7I67drdTfXR0Pri9W9pfGxG_YlPtAecdZjD9BQKkQcnpHhRLeFGKU_pJ3fHItWfEaAJ0Nre9UX7xz9c7SkcOXw9Y59wQcMz7ya0u2BpECAQSPADq26N9cgXHMumSOhsZQ4nOb31fc_uCMh8qAxxQLUjvJVg9Oijy1uHbkjKDKOBanCeT9D16_xR2U2b8ZRgBIBNgAQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 20:31:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16723
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Nov 2022 20:31:51 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221107/r20110914/ Frame 95CE 29 KB
11 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221107/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddd61ecebf36941bd6d1aa20ca07868d826fd9eb6f3a5e660e0afbb703ae6793

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 20:31:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16723
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11141
x-xss-protection: 0
server: cafe
etag: 7611781198975194673
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Nov 2022 20:31:51 GMT

GET
H3 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 88A9 170 KB
59 KB 95ms
41ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.stb.ua
URL: https://www.stb.ua/ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
Origin: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 16:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30197
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Nov 2022 16:47:17 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221107/r20110914/elements/html/ Frame 88A9 8 KB
3 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221107/r20110914/elements/html/omrhp.js

Requested by

Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNV4Dblu8Znsco_jIdaCNG7ZV4JmfyQSLbU3X1WEKCj2-yQCYFQ&d=CokBAKAmf-Bq39ZAB5zSEtOY-y5sw5LrN59AXaYI6-GoG3SDDzWxEOV-ELdKYLjooJ3rVndPrqY1tbr3kTaj_2ZiHVpJCP739fvgbRMGGEDrEVMyfEvwYIIlwPcq1ljmdPo_hZgobwQT4L9sES29b7o3xBBzt_Up6r-FXUYi1QkXnMbkyovL7SgAp48S-RUAoCZ_4Ap0-jERjq6xQdfI9tviPg4DVb1GQQnsEGA5J-GsB4I-thn98UVCfGgXG4Ck8-XowcPDykF8uSi4AfSzE0Wyyk73EEgBtyEbEZ2UYfz-uXAGLpJEBR2pUyrHRS_vaQ3R549KIZqLh3mqojCuU733MWo9daPrrFuxbaCRYRWYEUiZiwlGJQtF8Lr30N13YP2eaHeyM9cRlYFXkMk2dISHgtbsJxvV35svGkhFz6lqsjHgchpej_YAI4K14u6552MMP_UbmPf-wC7hmlDY5xEytZ8zOnc6wgT0gnGewB0sguse141f3fJrReMTKQdi4vC3EJDwSmJOT5fpdMRxRo3uGZNwkxBJkaZ61-zutBBL5AJbVMwCTkFuyQVTPSoCMw_Tdy476p1_9vtWePzgr5dVpPiWqR0azwgi61-zkwu0xLf5fXxyBjmGMNpYGx1JdfcF7W1ARB-aoWv6Xt1qPNRMKHgQmBf7NszYHaZgsfxhIjOJDp_M4BPdWSsPEUWx4tRdzoRjtlZ6ewks99pJ3QHPjSeN88Yfs9jg67KQb0TC9s4ol7Y-Yhl-UfnPGSiF7xEx-uhTcf94iT4RnHPf-uqFUnAK2tyGEdNiEZCE-kcHmWg3T_TIF7nZTWiDVE-U7tOZHU-mRZEKDmtJH64KHdqQ2HFXXlIlwcn6dju30DJrNVDa8E7nGmcUw6Y9d45UqCRjfVMfEe5tQfJk8vzEtR8rJQpHYLKIZs5VbZN31D2xau7g1rtlsAEX1WfEK95OgWk6zHu1M49SPMXQw-P5n62lF7rB-4rdtuhT-8jYJGv84OnASocQdie5KczxMnUa7LWxiaJM_6IU3Dr3UodK5D88d1AucVWMdRlloL_jrdiV8yMOUZEMuMagmW2yAxqh1XIi3lnCtLqha6sZEBdOjL1_oIgvz5VlinPZykW3hBUnPoTO6AQ9eqyYr72QmiFefBQ8DpaI4akG9jMAQsPxwnYkBMMj4vQ5ZgcyM-ausM0FJqNGO2DEPLAtNYYIlaZDZ8M118yUz1kJcyM7AIK2vhB-v3MG7MsKB4c4azqn11ED_NVP3XeCM2S4F7p_hxNVA2r1uVxumpdoe2kzRO4q7ji2ZdaKrJgL6MMrwF0XFi4ltkOgpJt8cg1xFTWzGcp3UciIbCYCnZ1T_YW9sZ6yV2lfqMrYWFXzgIZgrej8YITSblpNs-Jw0qHeV4XzNRyAklwKBThyEp4Y1n2IBS_xYQ2RS7PKuHZ-ppG8a_ox4oMBWeLHq2subJFsWN3f6kmllpvSEIV4B6WJre2uHxONuXxogU1vP6lpTQp49Tnl3kOKB-ozAbhyrj-LeRA-XWPVwYKixlKfeP0FIB8mMHuBNXE8mMK7sq3fPYJQpZTkYBl_nZtQwMHUnouHFl2_OTm1OEU83wVQ8TrmseWlVcVra4JuiX7lT2Q3VTFMsk1DnYZaK94xOZ4AT5tJuGC_WI6uYGXhW-yPcEIAELIfIb4pgiU6d1czxrwBC7tyDLar7GzQEMnWmbuv0jPIwm7ZP7CJpVPiT_F8dH84K2hizlAp266KzdyNsgp-8jN1gcBC54EienzFd90B6TZZiuOvOUhoQ0gPot1hfE0TwAceNlkck2jqcf0u5nkpQC9k1jNEPNEbWjnelDTY2wcMClYT0zvVMu7iXWK90ula6ZzF5-s3kakSjIQdK_vrUtih_tlDIl5oNv_6Iu0zGWH-CMoXbsxjc6OkWCylekAl1iXdAw-NWS_SpNIp1aMNBNyVuxgHcuTuj7Lhe7HDTbNwDQG6MMMLyaxWXrh3bTQx1bncUQRghhPs2MZaVcqlEd8iyG9kvFxaKpFln_KEFeate54qNbvConfQJDPzOYommTM9YhPwnIXDw18ywvT5sxV8m-UU4pwWYnDYY_ryXs2dyb1pBse8xhN-uuGeS39Tyv0jFBxIcaQPBXa4pqbXzaNr8ItCYis9Uy9XXhq-34JaI5j9r9frlBvDF2SmhLY3tuYCLJ8z3CeYSK9xECwhcEvQo3E2GnxvdWPYZCnT034KCh-9NYVfKEiFORhIzwa5_b57goBufQfCVcxzG4ZPnUqaO0CUAkMRmAULLjuEMcqc6poeIxNsGojRJRhLycWO-VV6WuPPTp_PdXHsc-nV0zsASjj6txL-D94ZaP0GxkgG-27d_NJLRQ9zMPHipolc3REzBM0tfLame1_HsDvfM0-kSherEWCzpBFE-8wIrEdiFBERpWsHnxwx5MJILu3Jrvf3XJ9OCzj-NHnBAl51JO7LkCnJ6XegG-UGfzhkn8b5avKk4jnaoR24P6-i93xbiCth0eHH3Kg4_vuHdAhmeR73wlFiHD9dnDGC7hsN0cOKc6GSOSs7niEyKCE4VydKzKmqW2hw896c25iYJUB0-cbOgsOMgVGUNvZ7QgTXm8IoI3aQMMHI4nBVOkSHC2RV809wo8uGYNJW9NfE3Sx40Cqh6lEi_JXiRX0DDlt57t7YKDfOwEfxT_QNDcdBFSN35oLH3-YkaH8R_fu39XptFeMWYfN90CEdp4hmv4ENcIwtRASEABtPzV-B_w8XGMiZIRZ2kQkTJXHOKau5xtOETav2Cd1ZLNi2dd1UNjSDPVQHYTeWuVz5G6SE9o5oeaNZicP8aM6BUrojYLu6YlalXcyoYC8G3rBA-K05FBiImfkZyd6Jv-9YZn8iOe1P9K9OmOVi2JU9kNZyWPYie6lO_t4VwyyOIEiXhZAyL-ijESkE4jsuPh280A7_hK4X87lPhA1ZNLTM0pmQI6UZCssOhTyxLl86kJNOb06xt4MtLmjMNeb43rF2eV4HOpPW9CFRlYK4DIrJ5HVzirCheiLv7kW3jORBPH1SwJ4q9iZhqI5zYmUfFXQX8IaqJMe7uSZyecMEhIdmbhfXSck8m3Jb5U9ilvyNwH43PJBiZ7lhi-gJvo-O_pJUgvcfXGxtE7pJn4slw-XANe9xyCU5uLrZeAmlEgzWwycrJ_ALs7GKpc7BIpiYgsOgB90rXJ3srBNIiRFYYFsr9Q_mfXByJyAl5Rfzqwo2Oq8jQfyW02AJy3Q-0_KDsntX0vxR8A03ahKmp4oTju0p2N2TUhm967YytsVSnkzXNsxmsFJSYsmRCysOZgFF0qh7LakoXBZG7tCAUjdpy_lqnTi5Ip_wjy12StKDcuw7MwixG2j2d_XfjpuP-KQkDGujIFnPBSgVaqn_yKfG-YN6BiDLSMu5vdZc8sDj_O4wK9OVIReNKrO-heZTEa1wnoZ908pRTKfqpp80TiTdcqu_AcqslIzWzJEJJL__f8uo1UHkI4t-n-k0qjwucvvzVqE564enJecP_OhVlDcMfj8-d8dBfFabQAPCH-fs-1oM7AZA9Fx9arCuAHrZ8kMXtIneoOvQ-3LpKBL423c85CAhRuEeSufJqZJwq33kwhbGXtUw2SwaCecr1ApmZMRumP0HDolDplOAIHVJqdl9eqYmiDhSEEeesKQKEEuPhzNcnrwtfWzQ1Dj6IlHGRXyM2THlQSIeBcpKqyqhc_-G7PJmdjz55YJ3iNnnu4owE87yaDmt0hAdpzPOnQSvtWobD0tsYj0UyYtzDpjcekZfhGuU4qiVvTbaHJnt2fUZTTvelYtQClqes0OgxOA-yLsH935cTJrcl9ejMoc5DsvtdjTovMXB0ops9H7Eq_6fKXfEJRnxJw_NU5bUbcaP6mrrjwO_wq64sA5cr--TJ4njEVo1_rSoMBI4FcXgGkQIBBI8AOrbo31yBccy6ZI6GxlDic5vfV9z-4IyHyoDHFAtSO8lWD06KPLW4duSMoMo4FqcJ5P0PXr_FHZTZvxlGAEgE2AB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 20:31:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16723
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Nov 2022 20:31:51 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221107/r20110914/ Frame 88A9 29 KB
11 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221107/r20110914/abg_lite.js

Requested by

Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNV4Dblu8Znsco_jIdaCNG7ZV4JmfyQSLbU3X1WEKCj2-yQCYFQ&d=CokBAKAmf-Bq39ZAB5zSEtOY-y5sw5LrN59AXaYI6-GoG3SDDzWxEOV-ELdKYLjooJ3rVndPrqY1tbr3kTaj_2ZiHVpJCP739fvgbRMGGEDrEVMyfEvwYIIlwPcq1ljmdPo_hZgobwQT4L9sES29b7o3xBBzt_Up6r-FXUYi1QkXnMbkyovL7SgAp48S-RUAoCZ_4Ap0-jERjq6xQdfI9tviPg4DVb1GQQnsEGA5J-GsB4I-thn98UVCfGgXG4Ck8-XowcPDykF8uSi4AfSzE0Wyyk73EEgBtyEbEZ2UYfz-uXAGLpJEBR2pUyrHRS_vaQ3R549KIZqLh3mqojCuU733MWo9daPrrFuxbaCRYRWYEUiZiwlGJQtF8Lr30N13YP2eaHeyM9cRlYFXkMk2dISHgtbsJxvV35svGkhFz6lqsjHgchpej_YAI4K14u6552MMP_UbmPf-wC7hmlDY5xEytZ8zOnc6wgT0gnGewB0sguse141f3fJrReMTKQdi4vC3EJDwSmJOT5fpdMRxRo3uGZNwkxBJkaZ61-zutBBL5AJbVMwCTkFuyQVTPSoCMw_Tdy476p1_9vtWePzgr5dVpPiWqR0azwgi61-zkwu0xLf5fXxyBjmGMNpYGx1JdfcF7W1ARB-aoWv6Xt1qPNRMKHgQmBf7NszYHaZgsfxhIjOJDp_M4BPdWSsPEUWx4tRdzoRjtlZ6ewks99pJ3QHPjSeN88Yfs9jg67KQb0TC9s4ol7Y-Yhl-UfnPGSiF7xEx-uhTcf94iT4RnHPf-uqFUnAK2tyGEdNiEZCE-kcHmWg3T_TIF7nZTWiDVE-U7tOZHU-mRZEKDmtJH64KHdqQ2HFXXlIlwcn6dju30DJrNVDa8E7nGmcUw6Y9d45UqCRjfVMfEe5tQfJk8vzEtR8rJQpHYLKIZs5VbZN31D2xau7g1rtlsAEX1WfEK95OgWk6zHu1M49SPMXQw-P5n62lF7rB-4rdtuhT-8jYJGv84OnASocQdie5KczxMnUa7LWxiaJM_6IU3Dr3UodK5D88d1AucVWMdRlloL_jrdiV8yMOUZEMuMagmW2yAxqh1XIi3lnCtLqha6sZEBdOjL1_oIgvz5VlinPZykW3hBUnPoTO6AQ9eqyYr72QmiFefBQ8DpaI4akG9jMAQsPxwnYkBMMj4vQ5ZgcyM-ausM0FJqNGO2DEPLAtNYYIlaZDZ8M118yUz1kJcyM7AIK2vhB-v3MG7MsKB4c4azqn11ED_NVP3XeCM2S4F7p_hxNVA2r1uVxumpdoe2kzRO4q7ji2ZdaKrJgL6MMrwF0XFi4ltkOgpJt8cg1xFTWzGcp3UciIbCYCnZ1T_YW9sZ6yV2lfqMrYWFXzgIZgrej8YITSblpNs-Jw0qHeV4XzNRyAklwKBThyEp4Y1n2IBS_xYQ2RS7PKuHZ-ppG8a_ox4oMBWeLHq2subJFsWN3f6kmllpvSEIV4B6WJre2uHxONuXxogU1vP6lpTQp49Tnl3kOKB-ozAbhyrj-LeRA-XWPVwYKixlKfeP0FIB8mMHuBNXE8mMK7sq3fPYJQpZTkYBl_nZtQwMHUnouHFl2_OTm1OEU83wVQ8TrmseWlVcVra4JuiX7lT2Q3VTFMsk1DnYZaK94xOZ4AT5tJuGC_WI6uYGXhW-yPcEIAELIfIb4pgiU6d1czxrwBC7tyDLar7GzQEMnWmbuv0jPIwm7ZP7CJpVPiT_F8dH84K2hizlAp266KzdyNsgp-8jN1gcBC54EienzFd90B6TZZiuOvOUhoQ0gPot1hfE0TwAceNlkck2jqcf0u5nkpQC9k1jNEPNEbWjnelDTY2wcMClYT0zvVMu7iXWK90ula6ZzF5-s3kakSjIQdK_vrUtih_tlDIl5oNv_6Iu0zGWH-CMoXbsxjc6OkWCylekAl1iXdAw-NWS_SpNIp1aMNBNyVuxgHcuTuj7Lhe7HDTbNwDQG6MMMLyaxWXrh3bTQx1bncUQRghhPs2MZaVcqlEd8iyG9kvFxaKpFln_KEFeate54qNbvConfQJDPzOYommTM9YhPwnIXDw18ywvT5sxV8m-UU4pwWYnDYY_ryXs2dyb1pBse8xhN-uuGeS39Tyv0jFBxIcaQPBXa4pqbXzaNr8ItCYis9Uy9XXhq-34JaI5j9r9frlBvDF2SmhLY3tuYCLJ8z3CeYSK9xECwhcEvQo3E2GnxvdWPYZCnT034KCh-9NYVfKEiFORhIzwa5_b57goBufQfCVcxzG4ZPnUqaO0CUAkMRmAULLjuEMcqc6poeIxNsGojRJRhLycWO-VV6WuPPTp_PdXHsc-nV0zsASjj6txL-D94ZaP0GxkgG-27d_NJLRQ9zMPHipolc3REzBM0tfLame1_HsDvfM0-kSherEWCzpBFE-8wIrEdiFBERpWsHnxwx5MJILu3Jrvf3XJ9OCzj-NHnBAl51JO7LkCnJ6XegG-UGfzhkn8b5avKk4jnaoR24P6-i93xbiCth0eHH3Kg4_vuHdAhmeR73wlFiHD9dnDGC7hsN0cOKc6GSOSs7niEyKCE4VydKzKmqW2hw896c25iYJUB0-cbOgsOMgVGUNvZ7QgTXm8IoI3aQMMHI4nBVOkSHC2RV809wo8uGYNJW9NfE3Sx40Cqh6lEi_JXiRX0DDlt57t7YKDfOwEfxT_QNDcdBFSN35oLH3-YkaH8R_fu39XptFeMWYfN90CEdp4hmv4ENcIwtRASEABtPzV-B_w8XGMiZIRZ2kQkTJXHOKau5xtOETav2Cd1ZLNi2dd1UNjSDPVQHYTeWuVz5G6SE9o5oeaNZicP8aM6BUrojYLu6YlalXcyoYC8G3rBA-K05FBiImfkZyd6Jv-9YZn8iOe1P9K9OmOVi2JU9kNZyWPYie6lO_t4VwyyOIEiXhZAyL-ijESkE4jsuPh280A7_hK4X87lPhA1ZNLTM0pmQI6UZCssOhTyxLl86kJNOb06xt4MtLmjMNeb43rF2eV4HOpPW9CFRlYK4DIrJ5HVzirCheiLv7kW3jORBPH1SwJ4q9iZhqI5zYmUfFXQX8IaqJMe7uSZyecMEhIdmbhfXSck8m3Jb5U9ilvyNwH43PJBiZ7lhi-gJvo-O_pJUgvcfXGxtE7pJn4slw-XANe9xyCU5uLrZeAmlEgzWwycrJ_ALs7GKpc7BIpiYgsOgB90rXJ3srBNIiRFYYFsr9Q_mfXByJyAl5Rfzqwo2Oq8jQfyW02AJy3Q-0_KDsntX0vxR8A03ahKmp4oTju0p2N2TUhm967YytsVSnkzXNsxmsFJSYsmRCysOZgFF0qh7LakoXBZG7tCAUjdpy_lqnTi5Ip_wjy12StKDcuw7MwixG2j2d_XfjpuP-KQkDGujIFnPBSgVaqn_yKfG-YN6BiDLSMu5vdZc8sDj_O4wK9OVIReNKrO-heZTEa1wnoZ908pRTKfqpp80TiTdcqu_AcqslIzWzJEJJL__f8uo1UHkI4t-n-k0qjwucvvzVqE564enJecP_OhVlDcMfj8-d8dBfFabQAPCH-fs-1oM7AZA9Fx9arCuAHrZ8kMXtIneoOvQ-3LpKBL423c85CAhRuEeSufJqZJwq33kwhbGXtUw2SwaCecr1ApmZMRumP0HDolDplOAIHVJqdl9eqYmiDhSEEeesKQKEEuPhzNcnrwtfWzQ1Dj6IlHGRXyM2THlQSIeBcpKqyqhc_-G7PJmdjz55YJ3iNnnu4owE87yaDmt0hAdpzPOnQSvtWobD0tsYj0UyYtzDpjcekZfhGuU4qiVvTbaHJnt2fUZTTvelYtQClqes0OgxOA-yLsH935cTJrcl9ejMoc5DsvtdjTovMXB0ops9H7Eq_6fKXfEJRnxJw_NU5bUbcaP6mrrjwO_wq64sA5cr--TJ4njEVo1_rSoMBI4FcXgGkQIBBI8AOrbo31yBccy6ZI6GxlDic5vfV9z-4IyHyoDHFAtSO8lWD06KPLW4duSMoMo4FqcJ5P0PXr_FHZTZvxlGAEgE2AB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddd61ecebf36941bd6d1aa20ca07868d826fd9eb6f3a5e660e0afbb703ae6793

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 20:31:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16723
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11141
x-xss-protection: 0
server: cafe
etag: 7611781198975194673
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Nov 2022 20:31:51 GMT

GET
H/1.1 200
OK dv-measurements3130.js Show response
cdn.doubleverify.com/ Frame 23AE 545 KB
105 KB 59ms
59ms Script
application/javascript 2a02:26f0:e300::5f64:924a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements3130.js
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:e300::5f64:924a Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: f28565927fdfc6b19aa587b954c6d1cd06428a51d583bc055cd4f5cf966ac2bb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 01:10:34 GMT
Content-Encoding: gzip
Last-Modified: Sun, 23 Oct 2022 11:48:15 GMT
Server: Microsoft-IIS/10.0
ETag: "80e9d655d5e6d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 106973

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7829 1 KB
643 B 44ms
43ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com
URL: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 39174
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 14:17:40 GMT
etag: 48472445140208031
expires: Thu, 10 Nov 2022 14:17:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 95CE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6136257029a04edcf9f098ff3df9c78931a3863059bbe86cf5ca67037dcaab0a

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dv-measurements3130.js Show response
cdn.doubleverify.com/ Frame E155 545 KB
105 KB 59ms
59ms Script
application/javascript 2a02:26f0:e300::5f64:924a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements3130.js
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:e300::5f64:924a Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: f28565927fdfc6b19aa587b954c6d1cd06428a51d583bc055cd4f5cf966ac2bb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 01:10:34 GMT
Content-Encoding: gzip
Last-Modified: Sun, 23 Oct 2022 11:48:15 GMT
Server: Microsoft-IIS/10.0
ETag: "80e9d655d5e6d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 106973

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E567 1 KB
643 B 40ms
39ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com
URL: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 39174
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 14:17:40 GMT
etag: 48472445140208031
expires: Thu, 10 Nov 2022 14:17:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 88A9 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2048e53cfa361aba6d82bae20ed646c236cbe5562c48c83e2220b08e878bfbad

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 7829
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKy-OlFYft53MpWZMXmVH6g&google_cver=1&google_push=ASkJ3FZa_B0YmJhqe3EctblpjXTgREIeAfi-YUfl3_WHUNnS2Kz7dGwPpUOTVUWs-Bux4mH7oxVGM8yc06yoiyTXql8OTDqyS3LJ
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjU0NDg3NDMyMDQzNDYxMzc0OQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAsvWNvp9W0qH2Uke_MqqxE&google_cver=1

43 B
398 B

88ms
40ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAsvWNvp9W0qH2Uke_MqqxE&google_cver=1
Requested by: Host: 28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com
URL: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 10 Nov 2022 01:10:34 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAsvWNvp9W0qH2Uke_MqqxE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 7829 70 B
265 B 137ms
41ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEO-JclZ2OseI-sj8vPE3C7I&google_cver=1&google_push=ASkJ3Fbo5gXevF2bmXcyrIrVZ3ySWHi7LSoii0sEo22cWmuRj8OSwm4hUyGt04aSNEO-tKkbtcJmnC-gXD-PD97bc-LgyBdac_Q
Requested by: Host: 28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com
URL: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 10 Nov 2022 01:10:34 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7829
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEJ6DkBh3xEI7ogbSSUlolxg&google_cver=1&google_push=ASkJ3FZ_X_B114nk7zD5PNUfyNVoHVhbrzt0_yiXM_CXyPXp9_8GndKQ8erYXS1kj9vF7zUNKWRShQQYsHdySS...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE2NDE4ODU2MTM3MjczOTczMA%3D%3D&google_push=ASkJ3FZ_X_B114nk7zD5PNUfyNVoHVhbrzt0_yiXM_CXyPXp9_8GndKQ8erYXS1kj9vF7zUNKWRShQQYsHdySS67We...

170 B
188 B

53ms
53ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE2NDE4ODU2MTM3MjczOTczMA%3D%3D&google_push=ASkJ3FZ_X_B114nk7zD5PNUfyNVoHVhbrzt0_yiXM_CXyPXp9_8GndKQ8erYXS1kj9vF7zUNKWRShQQYsHdySS67WeCeOmueFV10

Requested by

Host: 28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com
URL: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE2NDE4ODU2MTM3MjczOTczMA%3D%3D&google_push=ASkJ3FZ_X_B114nk7zD5PNUfyNVoHVhbrzt0_yiXM_CXyPXp9_8GndKQ8erYXS1kj9vF7zUNKWRShQQYsHdySS67WeCeOmueFV10
Date: Thu, 10 Nov 2022 01:10:34 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7829
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEIG-V5Yw4lhzx0dwa7ztlu4&google_cver=1&google_push=ASkJ3Fax1X2rRdUskGhvuBWoBJy8ARyjp5eXVdBFp4EmSu6v4CMoaeEOJyhCShuxKao_rdf-UCjoopyur0SpCQJo...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=s1-zIiLrTCOTRFztVjkFxQ2&google_push=ASkJ3Fax1X2rRdUskGhvuBWoBJy8ARyjp5eXVdBFp4EmSu6v4CMoaeEOJyhCShuxKao_rdf-UCjoopyur0SpCQJo97kHkcAyRGWT

170 B
188 B

55ms
55ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=s1-zIiLrTCOTRFztVjkFxQ2&google_push=ASkJ3Fax1X2rRdUskGhvuBWoBJy8ARyjp5eXVdBFp4EmSu6v4CMoaeEOJyhCShuxKao_rdf-UCjoopyur0SpCQJo97kHkcAyRGWT

Requested by

Host: 28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com
URL: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 10 Nov 2022 01:10:34 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=s1-zIiLrTCOTRFztVjkFxQ2&google_push=ASkJ3Fax1X2rRdUskGhvuBWoBJy8ARyjp5eXVdBFp4EmSu6v4CMoaeEOJyhCShuxKao_rdf-UCjoopyur0SpCQJo97kHkcAyRGWT
x-host: tde-deliveryengine-production-75756477cb-75f6s
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7829
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDB57E2uJIKJyhJEL2pwkcE&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDB57E2uJIKJyhJEL2pwkcE&google_hm=Y2xPiQIWl1GgX2XpAbBowwAACLIAAAAB&google_nid=index&google_push=ASkJ3FazZL5gip0VjtTrsFi6gpXn3CJqVTDVr...

170 B
188 B

54ms
54ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDB57E2uJIKJyhJEL2pwkcE&google_hm=Y2xPiQIWl1GgX2XpAbBowwAACLIAAAAB&google_nid=index&google_push=ASkJ3FazZL5gip0VjtTrsFi6gpXn3CJqVTDVrcE5JPwsTpVb_8sI_Q9xcRaxRQxyGvraLlHjo9P7hVqa_C5WzPxbzRGxkWTuTI6k

Requested by

Host: 28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com
URL: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0NEcaVEG2%2FAfKMUxKRhYGg9ZtOpARcqcejiGF0NszPdEx4iLuBlNta1CcyBmVatSu4%2BmQL6bGf6LG8FWnGI6h6C7KA3YIFdy39eMaLlBwXv1FWck%2BjfT6CJJOMPGkS3QocSWlHv8N37GyA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDB57E2uJIKJyhJEL2pwkcE&google_hm=Y2xPiQIWl1GgX2XpAbBowwAACLIAAAAB&google_nid=index&google_push=ASkJ3FazZL5gip0VjtTrsFi6gpXn3CJqVTDVrcE5JPwsTpVb_8sI_Q9xcRaxRQxyGvraLlHjo9P7hVqa_C5WzPxbzRGxkWTuTI6k
cache-control: no-cache
cf-ray: 767ae8c16b790757-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7829
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEN8LlFwyHHA-7lrIFkTiTDI&google_cver=1&google_push=ASkJ3FYjiMybiQ7opb0tyoXmZDBpRJWdZ8nObOT83NUYxgXwNrJSocSR6u8yx41F043YyClwcnw0PGfxRGeW...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FYjiMybiQ7opb0tyoXmZDBpRJWdZ8nObOT83NUYxgXwNrJSocSR6u8yx41F043YyClwcnw0PGfxRGeWXCePElgKMUHn9OY

170 B
188 B

55ms
55ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FYjiMybiQ7opb0tyoXmZDBpRJWdZ8nObOT83NUYxgXwNrJSocSR6u8yx41F043YyClwcnw0PGfxRGeWXCePElgKMUHn9OY

Requested by

Host: 28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com
URL: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FYjiMybiQ7opb0tyoXmZDBpRJWdZ8nObOT83NUYxgXwNrJSocSR6u8yx41F043YyClwcnw0PGfxRGeWXCePElgKMUHn9OY
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7829
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEA_fzh4ttGSaqj4_p38TLhI&google_cver=1&google_push=ASkJ3Fb8cTLgathAyaODT1KSgjteUidMzgHPbx4DGamisjHdlhmfDDPVIYUPDQVFjiI6dvI0H7TuHce25WtlUMFR8Etopqanw63i
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ASkJ3Fb8cTLgathAyaODT1KSgjteUidMzgHPbx4DGamisjHdlhmfDDPVIYUPDQVFjiI6dvI0H7TuHce25WtlUMFR8Etopqanw63...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzA3ODMzMzQ2MTMwNTY5MTQ4NDI5Ng%3D%3D&google_push=ASkJ3Fb8cTLgathAyaODT1KSgjteUidMzgHPbx4DGamisjHdlhmfDDPV...

170 B
188 B

52ms
51ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzA3ODMzMzQ2MTMwNTY5MTQ4NDI5Ng%3D%3D&google_push=ASkJ3Fb8cTLgathAyaODT1KSgjteUidMzgHPbx4DGamisjHdlhmfDDPVIYUPDQVFjiI6dvI0H7TuHce25WtlUMFR8Etopqanw63i

Requested by

Host: 28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com
URL: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzA3ODMzMzQ2MTMwNTY5MTQ4NDI5Ng%3D%3D&google_push=ASkJ3Fb8cTLgathAyaODT1KSgjteUidMzgHPbx4DGamisjHdlhmfDDPVIYUPDQVFjiI6dvI0H7TuHce25WtlUMFR8Etopqanw63i
date: Thu, 10 Nov 2022 01:10:34 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 7829 0
12 B 50ms
49ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K-qAbGoQVtOGtl1lhrboAs5uOcf8s4A8qQ2f4NN7WYEoQL6Aw2qA2vnNM98d4tYoRHFQGK

Requested by

Host: 28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com
URL: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:34 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame E567 0
104 B 169ms
65ms Image
text/plain 2a02:fa8:8806:16::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEKjwaD74dl7t6yr5Ha6psGI&google_cver=1&google_push=ASkJ3FY4f6Uh2k8xSRtx6UN1xTuF1feeivIlBpg-ZAEBUyKYzl-Mu6IfW9cBccKTkAlzYT-fv1GePkgPL05Sg0Bns9XT4UNip0A
Requested by: Host: 28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com
URL: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:34 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E567
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEBdPud4YtKhPlclWg-wEC4s&google_cver=1&google_push=ASkJ3FaZaDoIM9Kh3lOlJD8swUvY3tghniyejfcgIvfvZe8js5VzqmrEd4a2xyL4RDIhjzOdJ4wcnWtZq71wdKGkynbT1HL...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEBdPud4YtKhPlclWg-wEC4s&google_cver=1&google_push=ASkJ3FaZaDoIM9Kh3lOlJD8swUvY3tghniyejfcgIvfvZe8js5VzqmrEd4a2xyL4RDIhjzOdJ4wcnWtZq71wdKGkynbT1...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3FaZaDoIM9Kh3lOlJD8swUvY3tghniyejfcgIvfvZe8js5VzqmrEd4a2xyL4RDIhjzOdJ4wcnWtZq71wdKGkynbT1HLKhsQ

170 B
188 B

51ms
51ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3FaZaDoIM9Kh3lOlJD8swUvY3tghniyejfcgIvfvZe8js5VzqmrEd4a2xyL4RDIhjzOdJ4wcnWtZq71wdKGkynbT1HLKhsQ

Requested by

Host: 28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com
URL: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3FaZaDoIM9Kh3lOlJD8swUvY3tghniyejfcgIvfvZe8js5VzqmrEd4a2xyL4RDIhjzOdJ4wcnWtZq71wdKGkynbT1HLKhsQ
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E567
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=YPvyfuwNQrCD5p17RjblKw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

53ms
52ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=YPvyfuwNQrCD5p17RjblKw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FZ7nq6WBI4TbSHsxuYJEnNT8P3LXwy0olmHOPHObJrKFo7aWhYDgyzMpFM3HSgPanYjZJxxbV_rijhxGDLJwSwutWIZFg

Requested by

Host: 28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com
URL: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=YPvyfuwNQrCD5p17RjblKw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FZ7nq6WBI4TbSHsxuYJEnNT8P3LXwy0olmHOPHObJrKFo7aWhYDgyzMpFM3HSgPanYjZJxxbV_rijhxGDLJwSwutWIZFg
date: Thu, 10 Nov 2022 01:10:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E567
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEPZMd4TJ0YaGUqKyUC2HC3U&google_cver=1&google_push=ASkJ3FZV1wwE8PtUAyXwpyD06l6tnrWkPwzw_gsz2xLheHEAsc8wPo5YrFsjBXM0OoGJyB3ELcc6C1QystiiGRsc...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ASkJ3FZV1wwE8PtUAyXwpyD06l6tnrWkPwzw_gsz2xLheHEAsc8wPo5YrFsjBXM0OoGJyB3ELcc6C1QystiiGRsc-KiIyKPwkkI

170 B
188 B

52ms
52ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ASkJ3FZV1wwE8PtUAyXwpyD06l6tnrWkPwzw_gsz2xLheHEAsc8wPo5YrFsjBXM0OoGJyB3ELcc6C1QystiiGRsc-KiIyKPwkkI

Requested by

Host: 28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com
URL: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 10 Nov 2022 01:10:34 GMT
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P5
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ASkJ3FZV1wwE8PtUAyXwpyD06l6tnrWkPwzw_gsz2xLheHEAsc8wPo5YrFsjBXM0OoGJyB3ELcc6C1QystiiGRsc-KiIyKPwkkI
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: ec-6gAPUObJ2zMt1c1UA-vp7NKCzAJp5Tm0V9YFPm1ThfA8GkyKB3w==

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame E567 0
45 B 117ms
35ms Image
text/plain 185.86.139.102
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEIpDSODA546WIG5xa9C3X6w&google_cver=1&google_push=ASkJ3FaGX44UiXs4YzGmsajwEGFIA4LpjU390lUafU3gqarPTr1U5s9VTj3W-INb2gpp1j-nYLCGVXxamJ7DsFXIJrsjejuF6eA
Requested by: Host: 28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com
URL: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:34 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame E567
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEN8LlFwyHHA-7lrIFkTiTDI&google_cver=1&google_push=ASkJ3FYUDfsGmw2e35cWrMWpDUVwzyc2mkGbpQUydOo747y63EiSkRMBAUOliTgL-L1KhKrhN5tS9xQKp2-...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FYUDfsGmw2e35cWrMWpDUVwzyc2mkGbpQUydOo747y63EiSkRMBAUOliTgL-L1KhKrhN5tS9xQKp2-maGidNPn_ovMJenaY
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

41ms
41ms

Image
text/plain

51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com
URL: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E567
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESENRGUGddQBANhQ94gpB_YVA&google_cver=1&google_push=ASkJ3FZ6rhbjQtYcH...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDE2NTE0NjQ5Njc2MDg1MDg2Nw%3D%3D&google_gid=CAESENRGUGddQBANhQ94gpB_YVA&google_cver=1&google_push=ASkJ3FZ6rhbjQtYcHTwY2dNlMOzhWA4Dxy...

170 B
188 B

53ms
53ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDE2NTE0NjQ5Njc2MDg1MDg2Nw%3D%3D&google_gid=CAESENRGUGddQBANhQ94gpB_YVA&google_cver=1&google_push=ASkJ3FZ6rhbjQtYcHTwY2dNlMOzhWA4DxyAwB9QoOWf0wLqjJ3Ex4pohcfjusgE5XfIbbZQVwg8qK33mpJXRFcPInq5Cv0Kr_YfQ

Requested by

Host: 28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com
URL: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 10 Nov 2022 01:10:34 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.138.196.106; 217.138.196.106; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 0f97bef5-2bfc-4874-bf43-0445a0e50962
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDE2NTE0NjQ5Njc2MDg1MDg2Nw%3D%3D&google_gid=CAESENRGUGddQBANhQ94gpB_YVA&google_cver=1&google_push=ASkJ3FZ6rhbjQtYcHTwY2dNlMOzhWA4DxyAwB9QoOWf0wLqjJ3Ex4pohcfjusgE5XfIbbZQVwg8qK33mpJXRFcPInq5Cv0Kr_YfQ
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame E567 0
12 B 49ms
49ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Iu9e7JID3ZVnIbdc_XKVb-hZiGy5vIKtS9PDKxFUP7cEQUdVA4A-qfz01KvtozgyW3h9rd50k

Requested by

Host: 28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com
URL: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:34 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 23AE 694 B
682 B 370ms
50ms Script
text/javascript 213.254.244.110
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=145&ttfrms=28&brid=3&brver=99.0.4844.51&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DDE3%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DDE3%5DF2Tar9EEADTbpTauTauag76_df336fbeg32fhc2hf6chege673f%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauHHH%5DDE3%5DF2TauF2Tau&srcurlD=0&aUrlD=-1&ssl=https:&uid=1668042634469345&jsCallback=dvCallback_1668042634469205&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=600&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3130&tgjsver=3130&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-39%2Fhtml%2Fcontainer.html&fcifrms=10&brh=2&sdf=2&dvp_epl=239&noc=4&nav_pltfrm=Win32&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://www.stb.ua/ua/&c1=4845432&prr=1&errorURL=https://tps.doubleverify.com/visit.jpg&ppid=103&auevent=ABAjH0jBZTLjJqK0-jVPcohAn2GG&aucmp=17040911013&aucrtv=431989017&auorder=1006924362&ausite=32559837996&auxch=1&pltfrm=1&aufilter1=4845432&autt=1&mib=0&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_sukv=528384443.6645973&dvp_tukv=12127017972.170763&dvp_uuid=545966356599.6299&dvp_strhd=0.19999980926513672&dvpx_strhd=0.19999980926513672&dvp_tuid=297581507972
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3130.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.110 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 4538828f319e439cb864a1f65e65cb64587a6cd7eefbfa32f802cd589e9d12fa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Nov 2022 01:10:33 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Expires: 11/09/2022 01:10:34

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/ Frame B6B3 21 KB
4 KB 137ms
53ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=uS6dKNySN0&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a88b4530e4d70a0484c19cf867da53b8c82079615ce2162a38a003e920508220

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 01:10:34 GMT
expires: Fri, 10 Nov 2023 01:10:34 GMT
last-modified: Wed, 13 Jul 2022 14:46:13 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 95CE 0
0 189ms
80ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvCbWMTVxWguLpVfbYb9-8C-OJ862O8WXhnSuFcTf30lvC7GFy07Nt2NdC19mMy9azUTBc2CroqeQwrjf8jMwSwFWA3qJRvx69OzJMHD_dNRTCfniG-mFw-EUMPjmBBPnVZRbPrIThx-bSAfL2e0mqfJy2Lfl1qYQ-EJrs0XlCgVxenlm4jy-QtU9g5ls_aHEkyKhV_&sai=AMfl-YR8UIQj0Pq6-2HfekCoziORrIfQW6r5j7yItK66ieXSDjrNUYXJQ-6muKB-Ki9_MN2QxA5VIL965Gqe1LyjzCaUQmuzkX1E1nKgKQnlHQ9e_a0XpYqykMePEhXoeiysFbEtHFUhy-frp_I3F4eRhHm6_zDuvA&sig=Cg0ArKJSzO3oRsdHweI4EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=370&cbvp=1&cstd=365&cisv=r20221107.56102&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.stb.ua
URL: https://www.stb.ua/ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 10 Nov 2022 01:10:34 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/ Frame 8CB7 21 KB
4 KB 124ms
49ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=CHhEeiuXqI&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a88b4530e4d70a0484c19cf867da53b8c82079615ce2162a38a003e920508220

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 01:10:34 GMT
expires: Fri, 10 Nov 2023 01:10:34 GMT
last-modified: Wed, 13 Jul 2022 14:46:13 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 88A9 0
0 183ms
80ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss5lHr0R33RSgPIIcHsdAMJLnNkLBt6i2_Y2aMYAd8-dx3wJk_dm3gWz0Tz86L8jDdIL0YH8G-6qjrXYKyTBGsaprO8j884VfgggKctGBY0hNmXH351aHu16ioPcUkqMLLs0D6UME_KVRh2rWqNryk5BqGBzD9_CysiVYQ1jZHE-woJDR6E3fgi-VOypVObVDu_-h4O&sai=AMfl-YQMKW_HmSnKphDJeIkU_Fg0s2SefnUUDg0RJPj-wJu6Am-0QxxFIZOIAkurwb_zoR98y6-eTfQjLbq5AZ2tvAQdRZldZQRC5ee5v_806XaejLYSaVCO5zhnV5jwN8OUkjWXapYPN0SjCC1yFgtTo5y_Z_zbSg&sig=Cg0ArKJSzEzQNrxAlomEEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=345&cbvp=1&cstd=342&cisv=r20221107.03085&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.stb.ua
URL: https://www.stb.ua/ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 10 Nov 2022 01:10:34 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame E155 694 B
687 B 214ms
50ms Script
text/javascript 213.254.244.110
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=272&ttfrms=5&brid=3&brver=99.0.4844.51&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DDE3%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DDE3%5DF2Tar9EEADTbpTauTauag76_df336fbeg32fhc2hf6chege673f%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauHHH%5DDE3%5DF2TauF2Tau&srcurlD=0&aUrlD=-1&ssl=https:&uid=1668042634627967&jsCallback=dvCallback_1668042634627912&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=600&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3130&tgjsver=3130&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-39%2Fhtml%2Fcontainer.html&fcifrms=10&brh=2&sdf=2&dvp_epl=239&noc=4&nav_pltfrm=Win32&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://www.stb.ua/ua/&c1=4845432&prr=1&errorURL=https://tps.doubleverify.com/visit.jpg&ppid=103&auevent=ABAjH0gFJH57ltwL8Ra06seGfmfD&aucmp=17040911013&aucrtv=431989017&auorder=1006924362&ausite=32559837996&auxch=1&pltfrm=1&aufilter1=4845432&autt=1&mib=0&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_sukv=241132018.19553187&dvp_tukv=502981893518.0866&dvp_uuid=7529865561.076851&dvp_strhd=0.10000038146972656&dvpx_strhd=0.10000038146972656&dvp_tuid=183360436456
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3130.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.110 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 92e0abfdfac8c99022c2a203091a1bdd43a4ef20895308d90b55e0a2391fe503

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Nov 2022 01:09:41 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Expires: 11/09/2022 01:10:34

GET
H/1.1 200
OK dv-measurements3130.js Show response
cdn.doubleverify.com/ Frame E4A6 545 KB
105 KB 59ms
58ms Script
application/javascript 2a02:26f0:e300::5f64:924a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements3130.js
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:e300::5f64:924a Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: f28565927fdfc6b19aa587b954c6d1cd06428a51d583bc055cd4f5cf966ac2bb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 01:10:34 GMT
Content-Encoding: gzip
Last-Modified: Sun, 23 Oct 2022 11:48:15 GMT
Server: Microsoft-IIS/10.0
ETag: "80e9d655d5e6d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 106973

GET
H3 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 3EDD 32 KB
16 KB 133ms
63ms XHR
text/xml 74.125.133.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-C4HZ9ZNI2yp-IIVqLWEvJPw-i9ZJyJqWRz4bHaliguxzdRZh29R2M3mxfbnX4s67sXql82NRJb13olWBv65b_94qWzIA&cry=1&dbm_d=AKAmf-CI73FXqJjwWvu0mpngWUnYGG_OBC-ZT4pMWGAeLyYzGB27bSyfUCQacZfuruptjDugWNcVf7--x8zr_Agtt4KwPoBC4MRL3xCQnkzBxVdO6YueERIL2TK97dFQuJzgMDaW2bT8jpcKEuj2PuybVVKRFeaWwY9h6F9Qg4OiiSGbkKwLranyoqAllqFxGJD_CoT31Ds6JhZvE0gtz5gEWfO123RuCMkfauOjGSOKzfm1DueXIXDAaFaz4JsSFF16tcwT-V0e5DuG9T5IUJjZ9brvzkf-VfdXRFfTP-W0r5OUIICnfRNAfnpXE3KcIF9N5RkYn6nExVHpDRw4ZVy3IWPLTvIZY1nGWWW3WOr1p6hGQGz1Hu4_UqVIk6sQCRVCpmnjmz5L7fWbmi_MhRbvSTjB23LF5fcwUFuK6hBECSXZwm-pcvUfolfz90bjgG-cVNymSKNKC7MHXn6VREVfbwF31ljPbiA9IEqxSQNlDeu8MasT8twamCB9TN1JX0Tnq6Gtj29vYUZLZMSDaBaXCnXq8zzVZMt1gAOfYfL9nvya_fk2T4mV7o8xxE0R8Y-1YnfejInRhcj7fZz99dQiH58QQ-pF8hQ2TixNCBwv-ZbhUbM5ffxsz5V8qFETlmL1SykF3G4DNjRXjMd5lrKNMLI8SH8BhjHLN91yxS0BjFXlWTxVO6lY5YzbpZspPtGD97yYx6Ac9FJgIQQbVQzMGj6JI8NjaGrKvRMUvTnIMIXdjzDBQ27MUimedGr-6rte6YaKNNP9sp8g1jWeo_tRoCHRPEINiLBUx-EBeNBCgyZsVA5Sx8xu1fiyY98vNKFJrwdJJXlfJyIK7vqVofiP8IHvtsUgxFUDgqOOfrvlWHV6W5y8E-Sk7u-0CYw_NSfPtPuSiJIGVWKwaNoISeQ9UCLIDWvA2G8-ls9pUK_flqR6gLmVebXeqIU1z4ysFJUq4y1_Zx5zNd4E9mdxIR4HsmGcLzcXDhZFSEP4SpWIQPa2_cPOa0sluvQN8FBiNTKy5L_dLP-KVccaanmgadoMtVPVaHniTd5XdNHHSCdDOycCmSaZ5k7UVL5Qd2IQRShaHz2cx_CKRbCGsFDmxQQPWcAXiJb0gB74hxqRNqgwJgrnvk58w39pL27sgB84_ypNvjIv-1rMWg5LWuUbU24LucNi36bJyGUEqUFbaLbaoVDDf3J_mZXu4OSf9Yk9U-hBLkXOscVj5R1fi7EdTwG4h2SuN81Qats89pp-63yJYfE0uz2wjMIttyZXH8eZbPttgIGw8LUdDThSqP91CkoUAf7W31r706uvpGOipiSEeh44Io994Ii-vB2TsiFgL2wpyR8BkCbpGCGAyxLahIy0yb352-EPeYuJ2xtX6H8ednI79ycVLcb1L2pydDoMvmmJDp0QtqkeO_tArMIIQ2_DWCA6Ms71_awJ6yGzpZy_rC1jdRNUjbaGdcooOZs4a2z_zwC6KTLVyDaYN-LiwEX0RYE6jXbOPFA0LkbdzUiihiYK4k9tzEqn0N9iBZdASwNPfckhw_Qqc2kw3i4rybIAQqmUws0Yg3HLVsDOMXixk0F3YZSsKvzbaAkYVyZ8Dvsi32-WZCvGYd9XqqQyQLwHSL9YMbTa-36pWUwBO4FMkWpC9Co0431eF2pZH6cFfmtX5BlyeECgh175ARnQIsL6-D1tNn8LIL08j3TzHxDqM0p6Ejn7a6-qOG37sRORVd9ZykgJD2W6COcNTAfT6-qintagwi_vwFd9lV3Cxg1pCVpXZPskZBV4Bs0YjPecmtipaHc4PevlDPj-tmwbFgvmwbksUxbOiEBCSZ4zOwfhRWAsL3jT6-fF0eId18DcJUc0zYEnYG7NLZsKgDqDPHhyZEcYZ3OjY3rVbg380PZpoORsrPsRMtovIJBwg2TnKAUdu5KVk6h0igkOHT-Bh-mOa8uM7Z1eo80QRukNiiRyUQPAyto_syVsLs_FGtW_bl_4WVNVq0Lgys9Pa8bwnkCErQN2qDuIWq_Kpm_0dkVlLDEsbwbWSJLoCHwn2PPVH11aQouQ2kCefRet1UKT9Vks02xUVor6Y041LwmSgJn5Qt9zToj5e_P1IJ35qYNTej-r2ftb4oDbZxFsINyxaME2F_Nw9Yz9e1arnv1-Si8_fK6M7NSxUh5yuQuKTEJ1b5o1J3p70aARy_c9rS1BWQwXq2obO4gRv7Lk0l_pVv9gyTZK00pjNOP1cn4jjMfpdNQiRbPsj6aYBxr8qAO0bPd-EomWrk5ZgUS9NAe3trhOLLXgB75D8EBUSDbZ6x1KZ0r0O3u3U8BQckphJNQL-lL-IYMFuX92u0Wqni3oIPtTxPHWQG0uplDtkNpd07OhCZB6qgKCZaFIF3yiWp0pyHsbFpkYOlgAI1RfkT6VKm2njBWEaMntKZmsEsZbU4dLpQqZ_lFt3ByX_8btNW3khdJ5apV_pfgmnJcA4Z9yyJrXyculzcvOkPP35S0QtyPriLqbptbW_ziW7qDn3aL9-OI-SBX4GMNWXzztqHiB2levg57PvdiFtja8E9WekgA_7yIXIk9sFhZQnhDxnm3zNXq_Qw2vW_u48ZgCi6iSQzCzvZi-sIei0HMX4CRHvGpFCgLV_tiTSW-RsQ-qQUg48AePsnYdkfQNvPk2NM4UgLABjVc2hAvYFnkA-xNaVtg3NOMhxu7fD5xVfXftmsD7n112TGZgy8u4wv2SIju3woxMcxcSj46ha8XNa8019EpQENfD7SunXP6C19XWl0o5S8TZdLtIrsNF91lnsRPR1n4xBWRKMWSogqrGzKora4mt3szN-1clnFZB9gHIi90d8Un9QS1HqdaZTVsZjSLkl7wjsO46WOvjq6rv03CFxvyQs2D6uIrrRrVJI6IJb04A_oa2dfKAdA4hov6xo1FqnI_nreJfozY7onezOI7wAZBrlIdYZHX1nfg8seVTNoI8rqZDnGBt4przL3JC26mq1UZCMl10EF9v4xDn75sx52fhhzWATC_QCuzn_zP1FDvV0w30NALJLLqE6a6NEkOhvGqDygAArB-LMeA5RAC4rAvd28zjr13aTPofZBU6n7kNfR5wsOhH7P10kJV86z0WYgdLuqsjR96s-ej5QvmHNzTWO6XZePVPRKbBeCHm_6De7AEvLJiRJ7wcnx7WSg8DRTKfcGy4Ato1RfMSzKgJzZLw2RNDPj7w2CoKAMRMxTCjRwuvCq1Um9bp9XkKVUDGGfG56bR4BAm8Aopo0Xac9huHHIfLO7z3BxNHLjqFmLalunBZ-gn2PqjeOMlalkSRHLrQvSsmcf5AGQsZbdgv75EvNBfCQ5pG8qQcwDzu1P5pu-qM3e3qPpCxzf0GCuNsXDvyfC8deLpVXHelzL9CrwVZvTuKLfylpYHmbgMrGtEb6OOBcnp5djxX7tHBdkf0i_PiyuSnmK0t0wG1DQoJX16PQGVFOU6wS6MReNNt_YfPxVO70Tx4zyaLULce1bnfviD19DjlSepifQhl2ZUII6Q9wbvX5lnavl7NY6uim-6nfyVSqA8x0mf5hvyaX29I-NHLd1BHkP5BtpCrRdYzhrtGRVJQZ-Yk8MrzuXUQJ7nU0-B3k0Pspmcjl_6rUYt4wcLjt-Yw5HBwpEm2pNP5UOxD5j5qsjZuqUFW4Nk8nQNvI9eNVmifu5fpgblI8Zo_Im99qXBOM7lIomVQ69V0JUMHLKsBrE2CmCBzncF0Ev6Rhv82_lUPHyM8QeYoIcGhND7O5fK2M3D8J4StrfMcF7WJNvJREBA6rxOs&cid=CAQSPADq26N9FmQRtjgmt2SMcDheZ1UAlxvsrvC8UZRS8ClXO71E2WeK6weQdMCU_UkL6yzAYhzE3NngtkaOQxgBIBM&sdkv=h.3.543.0%2Fvpaid_adapter&osd=2&frm=1&vis=1&sdr=1&unviewed_position_start=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=996983295&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.543.0&sid=C009E406-B349-4055-BCED-52CCE75792B6&nel=0&eid=44748969%2C44765701&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&ref=about%3Ablank&url=https%3A%2F%2Fwww.stb.ua%2Fua%2F&dlt=1668042633195&idt=558&dt=1668042634649&ged=ve4_td2_tt1_pd2_la2000_er1939.480.2299.1120_vi0.0.1200.1600_vp0_ts1_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.543.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.133.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f156.1e100.net

Software

cafe /

Resource Hash

56b3674ac0ac56ef81c317de6b385097eeed9c7f253c199e337fd73ebd9a5a94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16711
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dv-measurements3130.js Show response
cdn.doubleverify.com/ Frame 7AD7 545 KB
105 KB 59ms
59ms Script
application/javascript 2a02:26f0:e300::5f64:924a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements3130.js
Requested by: Host: www.stb.ua
URL: https://www.stb.ua/ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:e300::5f64:924a Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: f28565927fdfc6b19aa587b954c6d1cd06428a51d583bc055cd4f5cf966ac2bb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 01:10:34 GMT
Content-Encoding: gzip
Last-Modified: Sun, 23 Oct 2022 11:48:15 GMT
Server: Microsoft-IIS/10.0
ETag: "80e9d655d5e6d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 106973

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame E4A6 694 B
683 B 110ms
49ms Script
text/javascript 213.254.244.110
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=104&ttfrms=7&brid=3&brver=99.0.4844.51&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DDE3%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DDE3%5DF2Tar9EEADTbpTauTauag76_df336fbeg32fhc2hf6chege673f%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauHHH%5DDE3%5DF2TauF2Tau&srcurlD=0&aUrlD=-1&ssl=https:&uid=1668042634744115&jsCallback=dvCallback_1668042634744650&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=600&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3130&tgjsver=3130&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-39%2Fhtml%2Fcontainer.html&fcifrms=10&brh=2&sdf=2&dvp_epl=239&noc=4&nav_pltfrm=Win32&ctx=25334725&cmp=28076520&sid=5549275&plc=339529955&crt=174652376&btreg=531569187&btadsrv=doubleclick&adsrv=1&advid=9533763&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=528384443.6645973&dvp_tukv=96055.22026789536&dvp_uuid=28399064034.434254&dvp_strhd=0.10000038146972656&dvpx_strhd=0.10000038146972656&dvp_tuid=497810603193
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3130.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.110 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 14891f1bf4dd7a951c6fcb56e2346135e9054dcf676f70e6e93597995b3c9c13

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Nov 2022 01:10:33 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Expires: 11/09/2022 01:10:34

GET
H3 200 adlib.css
s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/ Frame 8CB7 5 KB
2 KB 41ms
41ms Stylesheet
text/css 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/adlib.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=CHhEeiuXqI&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90ffe9c3c7fc061d72993059a62d15675b509f98a1da6dd20794d067bf482b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=CHhEeiuXqI&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 12:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 565117
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1870
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 14:46:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Nov 2023 12:11:57 GMT

GET
H3 200 fonts.css
s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/ Frame 8CB7 1002 B
256 B 47ms
45ms Stylesheet
text/css 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/fonts.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=CHhEeiuXqI&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

400b356ca22f3e2283d3822a337d97c84c6c03c6ce51d79dae917a50d04f982d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=CHhEeiuXqI&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 11:40:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 394203
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 227
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 14:46:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 05 Nov 2023 11:40:31 GMT

GET
H3 200 adStyle.css
s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/ Frame 8CB7 5 KB
1 KB 52ms
50ms Stylesheet
text/css 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/adStyle.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=CHhEeiuXqI&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

308afd64f51015c00180fafd43298c62f42b3b1715fbac97aee962367f7a172e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=CHhEeiuXqI&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 11:40:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 394203
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1120
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 14:46:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 05 Nov 2023 11:40:31 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 8CB7 118 KB
40 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=CHhEeiuXqI&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=CHhEeiuXqI&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 11:10:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50417
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Nov 2022 11:10:17 GMT

GET
H3 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 8CB7 57 KB
23 KB 112ms
110ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=CHhEeiuXqI&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=CHhEeiuXqI&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Nov 2022 01:10:34 GMT

GET
H3 200 SplitText.min.js Show response
s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/ Frame 8CB7 9 KB
4 KB 56ms
55ms Script
application/x-javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/SplitText.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=CHhEeiuXqI&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4934174cd39db1f62680ac12ae44ad9aa040bd445d831ae65f79779b7f2e6e8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=CHhEeiuXqI&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 21:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 530510
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3818
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 14:46:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Nov 2023 21:48:44 GMT

GET
H3 200 adlibUtils-v3.js Show response
s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/ Frame 8CB7 24 KB
10 KB 58ms
57ms Script
application/x-javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/adlibUtils-v3.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=CHhEeiuXqI&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edef2c013c0d422caa829a837df925dd680b146ba9a181f2798a23bc30b17ca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=CHhEeiuXqI&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 18:55:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22517
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10568
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 14:46:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Nov 2023 18:55:17 GMT

GET
H3 200 animation.js Show response
s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/ Frame 8CB7 18 KB
3 KB 55ms
53ms Script
application/x-javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/animation.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=CHhEeiuXqI&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

193860da7eac9a778b0c99d0ecd4f417ff094eb725ee0ab7d8f9ffd76bf765c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=CHhEeiuXqI&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 00:56:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87234
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2733
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 14:46:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Nov 2023 00:56:40 GMT

GET
H3 200 adlib.css
s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/ Frame B6B3 5 KB
2 KB 45ms
44ms Stylesheet
text/css 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/adlib.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=uS6dKNySN0&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90ffe9c3c7fc061d72993059a62d15675b509f98a1da6dd20794d067bf482b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=uS6dKNySN0&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 12:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 565117
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1870
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 14:46:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Nov 2023 12:11:57 GMT

GET
H3 200 fonts.css
s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/ Frame B6B3 1002 B
256 B 45ms
44ms Stylesheet
text/css 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/fonts.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=uS6dKNySN0&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

400b356ca22f3e2283d3822a337d97c84c6c03c6ce51d79dae917a50d04f982d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=uS6dKNySN0&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 11:40:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 394203
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 227
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 14:46:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 05 Nov 2023 11:40:31 GMT

GET
H3 200 adStyle.css
s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/ Frame B6B3 5 KB
1 KB 46ms
44ms Stylesheet
text/css 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/adStyle.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=uS6dKNySN0&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

308afd64f51015c00180fafd43298c62f42b3b1715fbac97aee962367f7a172e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=uS6dKNySN0&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 11:40:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 394203
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1120
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 14:46:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 05 Nov 2023 11:40:31 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame B6B3 118 KB
40 KB 62ms
60ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=uS6dKNySN0&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=uS6dKNySN0&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 11:10:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50417
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Nov 2022 11:10:17 GMT

GET
H3 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame B6B3 57 KB
23 KB 122ms
121ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=uS6dKNySN0&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=uS6dKNySN0&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 10 Nov 2022 01:10:34 GMT

GET
H3 200 SplitText.min.js Show response
s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/ Frame B6B3 9 KB
4 KB 77ms
76ms Script
application/x-javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/SplitText.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=uS6dKNySN0&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4934174cd39db1f62680ac12ae44ad9aa040bd445d831ae65f79779b7f2e6e8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=uS6dKNySN0&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 21:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 530510
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3818
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 14:46:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Nov 2023 21:48:44 GMT

GET
H3 200 adlibUtils-v3.js Show response
s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/ Frame B6B3 24 KB
10 KB 79ms
78ms Script
application/x-javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/adlibUtils-v3.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=uS6dKNySN0&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edef2c013c0d422caa829a837df925dd680b146ba9a181f2798a23bc30b17ca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=uS6dKNySN0&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 18:55:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22517
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10568
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 14:46:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Nov 2023 18:55:17 GMT

GET
H3 200 animation.js Show response
s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/ Frame B6B3 18 KB
3 KB 90ms
89ms Script
application/x-javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/animation.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=uS6dKNySN0&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

193860da7eac9a778b0c99d0ecd4f417ff094eb725ee0ab7d8f9ffd76bf765c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=uS6dKNySN0&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 00:56:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87234
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2733
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 14:46:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Nov 2023 00:56:40 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 7AD7 694 B
680 B 100ms
57ms Script
text/javascript 213.254.244.110
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=129&ttfrms=8&brid=3&brver=99.0.4844.51&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DDE3%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DDE3%5DF2Tar9EEADTbpTauTauag76_df336fbeg32fhc2hf6chege673f%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauHHH%5DDE3%5DF2TauF2Tau&srcurlD=0&aUrlD=-1&ssl=https:&uid=1668042634787900&jsCallback=dvCallback_1668042634787696&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=600&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3130&tgjsver=3130&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-39%2Fhtml%2Fcontainer.html&fcifrms=10&brh=2&sdf=2&dvp_epl=239&noc=4&nav_pltfrm=Win32&ctx=25334725&cmp=28076520&sid=5549275&plc=339529955&crt=174652376&btreg=531569187&btadsrv=doubleclick&adsrv=1&advid=9533763&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=241132018.19553187&dvp_tukv=90364926116.35611&dvp_uuid=1384065366458.5852&dvp_tuid=627775232795
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3130.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.110 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 644ead18c6da75abfa8bc27551918d549aec3bfcb634f285e38e01597531014c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Nov 2022 01:10:33 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Expires: 11/09/2022 01:10:34

GET
H/1.1 200
OK vpaid-event Show response
aux-log2-sh.adtelligent.com/ 43 B
277 B 100ms
99ms XHR
image/gif 107.151.2.114
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://aux-log2-sh.adtelligent.com/vpaid-event?cmpId=29171&protocol=vpaidjs&waterfall_position=1&waterfall_id=18546926&advId=27865&isvm=0&event_type=80&v=2.7.198&t=js&adId=8D24C9ADD1131BCF&aid=40298&sid=789&width=640&height=360&env=desktop&country=82&is_secure_frame=false&format=outstream&domain=https%3A%2F%2Fwww.stb.ua&tte=1443&cb=1668042634802
Requested by: Host: static.adtelligent.com
URL: https://static.adtelligent.com/static/jsvpaid.js?cb=21092153&vast_domain=https%3A%2F%2Fwww.stb.ua%2Fua%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.151.2.114 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.stb.ua
Date: Thu, 10 Nov 2022 01:10:34 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 88A9 0
0 160ms
78ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss5lHr0R33RSgPIIcHsdAMJLnNkLBt6i2_Y2aMYAd8-dx3wJk_dm3gWz0Tz86L8jDdIL0YH8G-6qjrXYKyTBGsaprO8j884VfgggKctGBY0hNmXH351aHu16ioPcUkqMLLs0D6UME_KVRh2rWqNryk5BqGBzD9_CysiVYQ1jZHE-woJDR6E3fgi-VOypVObVDu_-h4O&sai=AMfl-YQMKW_HmSnKphDJeIkU_Fg0s2SefnUUDg0RJPj-wJu6Am-0QxxFIZOIAkurwb_zoR98y6-eTfQjLbq5AZ2tvAQdRZldZQRC5ee5v_806XaejLYSaVCO5zhnV5jwN8OUkjWXapYPN0SjCC1yFgtTo5y_Z_zbSg&sig=Cg0ArKJSzEzQNrxAlomEEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=645&vt=11&dtpt=300&dett=3&cstd=342&cisv=r20221107.03085&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.stb.ua
URL: https://www.stb.ua/ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 10 Nov 2022 01:10:35 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 95CE 0
0 150ms
78ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvCbWMTVxWguLpVfbYb9-8C-OJ862O8WXhnSuFcTf30lvC7GFy07Nt2NdC19mMy9azUTBc2CroqeQwrjf8jMwSwFWA3qJRvx69OzJMHD_dNRTCfniG-mFw-EUMPjmBBPnVZRbPrIThx-bSAfL2e0mqfJy2Lfl1qYQ-EJrs0XlCgVxenlm4jy-QtU9g5ls_aHEkyKhV_&sai=AMfl-YR8UIQj0Pq6-2HfekCoziORrIfQW6r5j7yItK66ieXSDjrNUYXJQ-6muKB-Ki9_MN2QxA5VIL965Gqe1LyjzCaUQmuzkX1E1nKgKQnlHQ9e_a0XpYqykMePEhXoeiysFbEtHFUhy-frp_I3F4eRhHm6_zDuvA&sig=Cg0ArKJSzO3oRsdHweI4EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=687&vt=11&dtpt=317&dett=3&cstd=365&cisv=r20221107.56102&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.stb.ua
URL: https://www.stb.ua/ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 10 Nov 2022 01:10:35 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B6B3 7 KB
6 KB 53ms
52ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f49942526f479f7ae5d6556284ca1c14ec8a20c2dde216cc25c2f2b0f1f3b66d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5744
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8CB7 7 KB
6 KB 52ms
52ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c42bc39ffea9d2960aad72cc9b903cab39293fbe0a70b25bb492332b976d4fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5717
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B6B3 17 KB
6 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Nov 2022 01:10:35 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8CB7 17 KB
6 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 01:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Nov 2022 01:10:35 GMT

GET
H3 200 skyblue.png_1657630831967_skyblue.png
s0.2mdn.net/dynamic/2/10978769/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d5c1f92367fde122afbc/original/ Frame B6B3 6 KB
6 KB 41ms
41ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10978769/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d5c1f92367fde122afbc/original/skyblue.png_1657630831967_skyblue.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1904a820a1f4b161f319ff251a5b500ea177e6aaf15811e5ba06e4683083f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=uS6dKNySN0&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 19:10:38 GMT
x-content-type-options: nosniff
age: 21597
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5953
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 13:00:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Nov 2023 19:10:38 GMT

GET
H3 200 12_days_hero_banner_665_0_1.20.jpeg_1666890020466_12_days_hero_banner_665_0_1.20.jpeg
s0.2mdn.net/dynamic/2/10978769/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/635ab1010a6a4e40518299da/original/ Frame B6B3 32 KB
32 KB 45ms
41ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10978769/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/635ab1010a6a4e40518299da/original/12_days_hero_banner_665_0_1.20.jpeg_1666890020466_12_days_hero_banner_665_0_1.20.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8175e1539bf271169eb0dfd0de3141d41a19addb344da7308800ae68be3fd7db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=uS6dKNySN0&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:39:57 GMT
x-content-type-options: nosniff
age: 538238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33172
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 17:00:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Nov 2023 19:39:57 GMT

GET
H3 200 vector.png_1657630831967_vector.png
s0.2mdn.net/dynamic/2/10978769/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d585f92367126822adf8/original/ Frame B6B3 8 KB
8 KB 44ms
40ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10978769/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d585f92367126822adf8/original/vector.png_1657630831967_vector.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

585aabd899edffe4cffa8c055e5b0ce9394022a443ddce7aaa29eb84a3d8a198

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=uS6dKNySN0&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 23:32:54 GMT
x-content-type-options: nosniff
age: 524261
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7717
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 13:00:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Nov 2023 23:32:54 GMT

GET
H3 200 gradient.png_1657630831967_gradient.png
s0.2mdn.net/dynamic/2/10978769/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d5a2f92367011222aeb0/original/ Frame B6B3 59 KB
59 KB 50ms
47ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10978769/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d5a2f92367011222aeb0/original/gradient.png_1657630831967_gradient.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

034ae21739010d774ace7bbcaaf86ab1bf8c1f7af87eddb952a15345d4115154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=uS6dKNySN0&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:00:16 GMT
x-content-type-options: nosniff
age: 501019
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60591
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 13:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 06:00:16 GMT

GET
H3 200 wave_0_0_1.00.png_1657630831967_wave_0_0_1.00.png
s0.2mdn.net/dynamic/2/10978769/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/61964ee6a97cc79835681565/original/ Frame B6B3 7 KB
7 KB 49ms
46ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10978769/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/61964ee6a97cc79835681565/original/wave_0_0_1.00.png_1657630831967_wave_0_0_1.00.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

756f645d0bd819ed6ba98d3832cbc6e84a3856cd606b57da11ad8ca542bae66c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=uS6dKNySN0&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:00:16 GMT
x-content-type-options: nosniff
age: 501019
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6741
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 13:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 06:00:16 GMT

GET
H3 200 ATOL_BLUE.png_1657630831967_ATOL_BLUE.png
s0.2mdn.net/dynamic/2/10978769/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/609d2b79a93581000694765d/original/ Frame B6B3 4 KB
4 KB 49ms
46ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10978769/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/609d2b79a93581000694765d/original/ATOL_BLUE.png_1657630831967_ATOL_BLUE.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96f087922f32e82fb25fbf87070e7d0c7b67442807c7c319581373b49684e5e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=uS6dKNySN0&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 19:10:46 GMT
x-content-type-options: nosniff
age: 21589
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4452
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 13:00:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Nov 2023 19:10:46 GMT

GET
H3 200 icon2.png_1658408544311_icon2.png
s0.2mdn.net/dynamic/2/10978769/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea121d029b4639aea044d/content/ Frame B6B3 6 KB
6 KB 52ms
49ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10978769/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea121d029b4639aea044d/content/icon2.png_1658408544311_icon2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

829faafbb39055b06c83f4b6b208d52dc50e0119499f827d573888f5846d3a15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=uS6dKNySN0&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 07:43:57 GMT
x-content-type-options: nosniff
age: 235598
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5901
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 13:02:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Nov 2023 07:43:57 GMT

GET
H3 200 icon3.png_1658408544311_icon3.png
s0.2mdn.net/dynamic/2/10978769/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea121d029b4639aea044d/content/ Frame B6B3 6 KB
6 KB 53ms
49ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0836d2070d6754e9355c30c8b2c34174428c5e78e25b6668aba9d10fb7cd6d78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=uS6dKNySN0&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:00:16 GMT
x-content-type-options: nosniff
age: 501019
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6126
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 13:02:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 06:00:16 GMT

GET
H3 200 blank.png_1657630831967_blank.png
s0.2mdn.net/dynamic/2/10978769/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6113a5288a7ab49328617a1f/original/ Frame B6B3 91 B
120 B 62ms
57ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10978769/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6113a5288a7ab49328617a1f/original/blank.png_1657630831967_blank.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4df4f831ed5cdb639c42779819720daea3b9850e12cafe851ea4b242ccaa166e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=uS6dKNySN0&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 09:04:57 GMT
x-content-type-options: nosniff
age: 144338
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 13:00:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Nov 2023 09:04:57 GMT

GET
H3 200 logo.png_1658314940096_logo.png
s0.2mdn.net/dynamic/2/10978769/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea121d029b4639aea044d/content/ Frame B6B3 3 KB
3 KB 61ms
57ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94ae8e248d081ccb4096fb784379fac2dc61da4bba62eee5d920b5c89a142215

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=uS6dKNySN0&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 21:35:40 GMT
x-content-type-options: nosniff
age: 531295
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3423
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 11:02:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Nov 2023 21:35:40 GMT

GET
H3 200 logo2.png_1658314940096_logo2.png
s0.2mdn.net/dynamic/2/10978769/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea121d029b4639aea044d/content/ Frame B6B3 2 KB
2 KB 64ms
59ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff6db6c1dd0910b5619dafb5284abf59aa7bb8c6d3d0122c1ba5983cddaaa2a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=uS6dKNySN0&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:00:16 GMT
x-content-type-options: nosniff
age: 501019
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1701
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 11:02:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 06:00:16 GMT

GET
H3 200 ATOL_logo_blue.png_1657630831967_ATOL_logo_blue.png
s0.2mdn.net/dynamic/2/10978769/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/61712ef5d029b47cdaeed677/original/ Frame B6B3 2 KB
2 KB 64ms
60ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10978769/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/61712ef5d029b47cdaeed677/original/ATOL_logo_blue.png_1657630831967_ATOL_logo_blue.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bd893fe46968fcc602c8f66bd0d2ea9ac76c088838a59c359c4b9ffb6eaf4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=uS6dKNySN0&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:07:09 GMT
x-content-type-options: nosniff
age: 86606
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1848
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 13:00:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Nov 2023 01:07:09 GMT

GET
H3 200 terms.png_1657630831967_terms.png
s0.2mdn.net/dynamic/2/10978769/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea121d029b4639aea044d/content/ Frame B6B3 3 KB
3 KB 64ms
60ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c69d0f4e1ee186a63b269350cc641711fcf7e5b0018e6f5e616a4874d7420367

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=uS6dKNySN0&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 22:05:18 GMT
x-content-type-options: nosniff
age: 529517
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3210
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 13:00:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Nov 2023 22:05:18 GMT

GET
H3 200 skyblue.png_1657630831967_skyblue.png
s0.2mdn.net/dynamic/2/10978769/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d5c1f92367fde122afbc/original/ Frame 8CB7 6 KB
6 KB 52ms
48ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10978769/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d5c1f92367fde122afbc/original/skyblue.png_1657630831967_skyblue.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/adlibUtils-v3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1904a820a1f4b161f319ff251a5b500ea177e6aaf15811e5ba06e4683083f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=CHhEeiuXqI&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 19:10:38 GMT
x-content-type-options: nosniff
age: 21597
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5953
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 13:00:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Nov 2023 19:10:38 GMT

GET
H3 200 12_days_hero_banner_665_0_1.20.jpeg_1666890020466_12_days_hero_banner_665_0_1.20.jpeg
s0.2mdn.net/dynamic/2/10978769/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/635ab1010a6a4e40518299da/original/ Frame 8CB7 32 KB
32 KB 52ms
49ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/adlibUtils-v3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8175e1539bf271169eb0dfd0de3141d41a19addb344da7308800ae68be3fd7db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=CHhEeiuXqI&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:39:57 GMT
x-content-type-options: nosniff
age: 538238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33172
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 17:00:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Nov 2023 19:39:57 GMT

GET
H3 200 vector.png_1657630831967_vector.png
s0.2mdn.net/dynamic/2/10978769/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d585f92367126822adf8/original/ Frame 8CB7 8 KB
8 KB 55ms
52ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10978769/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d585f92367126822adf8/original/vector.png_1657630831967_vector.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/adlibUtils-v3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

585aabd899edffe4cffa8c055e5b0ce9394022a443ddce7aaa29eb84a3d8a198

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=CHhEeiuXqI&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 23:32:54 GMT
x-content-type-options: nosniff
age: 524261
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7717
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 13:00:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Nov 2023 23:32:54 GMT

GET
H3 200 gradient.png_1657630831967_gradient.png
s0.2mdn.net/dynamic/2/10978769/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d5a2f92367011222aeb0/original/ Frame 8CB7 59 KB
59 KB 56ms
52ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10978769/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d5a2f92367011222aeb0/original/gradient.png_1657630831967_gradient.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/adlibUtils-v3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

034ae21739010d774ace7bbcaaf86ab1bf8c1f7af87eddb952a15345d4115154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=CHhEeiuXqI&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:00:16 GMT
x-content-type-options: nosniff
age: 501019
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60591
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 13:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 06:00:16 GMT

GET
H3 200 wave_0_0_1.00.png_1657630831967_wave_0_0_1.00.png
s0.2mdn.net/dynamic/2/10978769/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/61964ee6a97cc79835681565/original/ Frame 8CB7 7 KB
7 KB 63ms
59ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10978769/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/61964ee6a97cc79835681565/original/wave_0_0_1.00.png_1657630831967_wave_0_0_1.00.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/adlibUtils-v3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

756f645d0bd819ed6ba98d3832cbc6e84a3856cd606b57da11ad8ca542bae66c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=CHhEeiuXqI&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:00:16 GMT
x-content-type-options: nosniff
age: 501019
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6741
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 13:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 06:00:16 GMT

GET
H3 200 ATOL_BLUE.png_1657630831967_ATOL_BLUE.png
s0.2mdn.net/dynamic/2/10978769/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/609d2b79a93581000694765d/original/ Frame 8CB7 4 KB
4 KB 64ms
61ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10978769/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/609d2b79a93581000694765d/original/ATOL_BLUE.png_1657630831967_ATOL_BLUE.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/adlibUtils-v3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96f087922f32e82fb25fbf87070e7d0c7b67442807c7c319581373b49684e5e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=CHhEeiuXqI&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 19:10:46 GMT
x-content-type-options: nosniff
age: 21589
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4452
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 13:00:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Nov 2023 19:10:46 GMT

GET
H3 200 icon2.png_1658408544311_icon2.png
s0.2mdn.net/dynamic/2/10978769/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea121d029b4639aea044d/content/ Frame 8CB7 6 KB
6 KB 64ms
61ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/adlibUtils-v3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

829faafbb39055b06c83f4b6b208d52dc50e0119499f827d573888f5846d3a15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=CHhEeiuXqI&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 07:43:57 GMT
x-content-type-options: nosniff
age: 235598
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5901
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 13:02:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Nov 2023 07:43:57 GMT

GET
H3 200 icon3.png_1658408544311_icon3.png
s0.2mdn.net/dynamic/2/10978769/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea121d029b4639aea044d/content/ Frame 8CB7 6 KB
6 KB 64ms
61ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/adlibUtils-v3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0836d2070d6754e9355c30c8b2c34174428c5e78e25b6668aba9d10fb7cd6d78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=CHhEeiuXqI&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:00:16 GMT
x-content-type-options: nosniff
age: 501019
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6126
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 13:02:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 06:00:16 GMT

GET
H3 200 blank.png_1657630831967_blank.png
s0.2mdn.net/dynamic/2/10978769/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6113a5288a7ab49328617a1f/original/ Frame 8CB7 91 B
120 B 66ms
63ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10978769/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6113a5288a7ab49328617a1f/original/blank.png_1657630831967_blank.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/adlibUtils-v3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4df4f831ed5cdb639c42779819720daea3b9850e12cafe851ea4b242ccaa166e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=CHhEeiuXqI&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 09:04:57 GMT
x-content-type-options: nosniff
age: 144338
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 13:00:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Nov 2023 09:04:57 GMT

GET
H3 200 logo.png_1658314940096_logo.png
s0.2mdn.net/dynamic/2/10978769/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea121d029b4639aea044d/content/ Frame 8CB7 3 KB
3 KB 66ms
63ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/adlibUtils-v3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94ae8e248d081ccb4096fb784379fac2dc61da4bba62eee5d920b5c89a142215

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=CHhEeiuXqI&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 21:35:40 GMT
x-content-type-options: nosniff
age: 531295
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3423
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 11:02:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Nov 2023 21:35:40 GMT

GET
H3 200 logo2.png_1658314940096_logo2.png
s0.2mdn.net/dynamic/2/10978769/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea121d029b4639aea044d/content/ Frame 8CB7 2 KB
2 KB 66ms
63ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/adlibUtils-v3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff6db6c1dd0910b5619dafb5284abf59aa7bb8c6d3d0122c1ba5983cddaaa2a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=CHhEeiuXqI&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 06:00:16 GMT
x-content-type-options: nosniff
age: 501019
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1701
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 11:02:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 06:00:16 GMT

GET
H3 200 ATOL_logo_blue.png_1657630831967_ATOL_logo_blue.png
s0.2mdn.net/dynamic/2/10978769/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/61712ef5d029b47cdaeed677/original/ Frame 8CB7 2 KB
2 KB 66ms
63ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10978769/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/61712ef5d029b47cdaeed677/original/ATOL_logo_blue.png_1657630831967_ATOL_logo_blue.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/adlibUtils-v3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bd893fe46968fcc602c8f66bd0d2ea9ac76c088838a59c359c4b9ffb6eaf4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=CHhEeiuXqI&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:07:09 GMT
x-content-type-options: nosniff
age: 86606
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1848
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 13:00:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Nov 2023 01:07:09 GMT

GET
H3 200 terms.png_1657630831967_terms.png
s0.2mdn.net/dynamic/2/10978769/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea121d029b4639aea044d/content/ Frame 8CB7 3 KB
3 KB 86ms
84ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/adlibUtils-v3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c69d0f4e1ee186a63b269350cc641711fcf7e5b0018e6f5e616a4874d7420367

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=CHhEeiuXqI&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 22:05:18 GMT
x-content-type-options: nosniff
age: 529517
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3210
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 13:00:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Nov 2023 22:05:18 GMT

GET
H3 200 M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js Show response
pagead2.googlesyndication.com/bg/ Frame EBDF 36 KB
16 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 20:04:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 450391
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15861
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 20:04:04 GMT

GET
H3 200 M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js Show response
pagead2.googlesyndication.com/bg/ Frame 676C 36 KB
16 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 20:04:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 450391
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15861
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 20:04:04 GMT

GET
H3 200 Ambit-Bold.woff
s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/ Frame 8CB7 37 KB
37 KB 41ms
41ms Font
font/woff 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/Ambit-Bold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

620f78285fcec185cf13e3f850abbdd5aced51cf669f48d53fe2f36cf2df331d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/fonts.css
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 11:40:31 GMT
x-content-type-options: nosniff
age: 394204
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37416
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 14:46:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 05 Nov 2023 11:40:31 GMT

GET
H3 200 Ambit-Regular.woff
s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/ Frame 8CB7 34 KB
34 KB 44ms
43ms Font
font/woff 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/Ambit-Regular.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cdb93e36aee3bae06fd27784d93ef71abaaeb9c733d2cf7d0811a3060606f5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/fonts.css
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 11:40:31 GMT
x-content-type-options: nosniff
age: 394204
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34408
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 14:46:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 05 Nov 2023 11:40:31 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 88A9 42 B
64 B 85ms
84ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstxUtqNwZqufe2hRLOzphUgJOBU1Y55woX5KV47qrfp8LzE8cpHRL3ql_rOLT9jFgbOutkbMlEZe3xkNNT_aCPofjKmkDzKK0TcTuHS5XTC4torl1ynWj_r1pz8RlnQTJXhTCpqHQ&sai=AMfl-YQbUcWmqJCg-DvOU4XoUt9PR7MRboqo6w_MvNfRqWhTyiWeWqz-VAPJ7YFGjtdYqyyzOUNM6cUoV4Et3-bkvCCupUKc5YAsJoJ0BgH7etO60YTeZD7ReoNc2U5Q2W8&sig=Cg0ArKJSzBAFD-uGTpcGEAE&cid=CAQSPADq26N9cgXHMumSOhsZQ4nOb31fc_uCMh8qAxxQLUjvJVg9Oijy1uHbkjKDKOBanCeT9D16_xR2U2b8ZRgBIBM&id=lidar2&mcvt=1000&p=998,1229,1038,1270&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221109&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=391805128&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668042633177&rpt=1204&isd=0&lsd=0&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Ambit-Bold.woff
s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/ Frame B6B3 37 KB
37 KB 41ms
41ms Font
font/woff 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/Ambit-Bold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

620f78285fcec185cf13e3f850abbdd5aced51cf669f48d53fe2f36cf2df331d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/fonts.css
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 11:40:31 GMT
x-content-type-options: nosniff
age: 394204
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37416
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 14:46:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 05 Nov 2023 11:40:31 GMT

GET
H3 200 Ambit-Regular.woff
s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/ Frame B6B3 34 KB
34 KB 43ms
42ms Font
font/woff 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/Ambit-Regular.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cdb93e36aee3bae06fd27784d93ef71abaaeb9c733d2cf7d0811a3060606f5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/3451305936092659712/300x600-Live_Happy/fonts.css
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 11:40:31 GMT
x-content-type-options: nosniff
age: 394204
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34408
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 14:46:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 05 Nov 2023 11:40:31 GMT

GET
DATA 200
OK truncated
/ 587 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57f3bd77b518869c090b3b9ef80a6ebc093f123255f5b962701acdb05672362a

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 431 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: edd8b7df403685cfcd18add9c8493bbe4cef4ecee42bc827e3e9b6401a4a09cf

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK inview
aux-log.adtelligent.com/outstream/ 43 B
277 B 100ms
99ms Image
image/gif 107.151.2.114
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aux-log.adtelligent.com/outstream/inview?page_url=https%3A%2F%2Fwww.stb.ua%2Fua%2F&aid=40298&sid=789&t=outstream&v=2.01
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.151.2.114 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.stb.ua
Date: Thu, 10 Nov 2022 01:10:35 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

POST
H2 204 csi
csi.gstatic.com/ Frame 3EDD 0
54 B 108ms
37ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~laadilg2&c=8763194260790&slotId=4381597130395&qqid=COKTsIW3ovsCFWQViwodwPkHfg&gqid=ik9sY-Av0_DfA_z0iuAG&fb=ima_html5-lima&sdkv=h.3.543.0%2Fvpaid_adapter&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vast_v=4.0&wta=1&ghmsh_eids=44748969%2C44765701&vmfc=17&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.543.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:35 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 3EDD 42 B
64 B 53ms
53ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
pubads.g.doubleclick.net/pagead/ Frame 3EDD 0
0 160ms
79ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=Cllwwik9sY-KmAuSqrATA85_wB6SyoZZspN6a7tYPZBABIPS76SFgu4aAgNAKoAGGq6GrAsgBBagDAZgEAKoE9gFP0Oj0OoiJFRUZTFZOel1tnSEBP5pU3FUOqPtmXFFopGs9n08cuAVBM2VjZU_euXxGEb1JlgdZzwE-XfyJAzBuonwZm0OtjYd36qun1bvHmzXHGnw2EsN_bhszrZeHJhWMfObCsMwuZ0AAcsqHN_FABs6hU0k2JWW29e9J9nAwJWS4F5ugbYoRhm9ueKbKIJZcNzCjFmClMinU45rf21kJ-st9QK3YTvir8mvF4gzU-ecdbqBczmRJpQIGPhzUe44lV4fTtMOoFlYexnmdi0zWqcdGNEDboNE8lofbbQvfhiy1H42o0GyVE_diKYRcbRFt8PPezFrABNzz3K62A-AEA4gFieeumS2SBQoIIhACGAFI1YxhkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAfi1N7UAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKEJuKORiPzPK-AdIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsBsBOVnoURyBPw-qsJ0BMA2BMNiBQK2BQB0BUBgBcBshceChwIABIUcHViLTIwNzA4OTAyNTYzMzc3NjUYxLQU&sigh=b2uhCGkAjZE&cmd=Ch1jYS12aWRlby1wdWItMjA3MDg5MDI1NjMzNzc2NRAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&cid=CAQSPADq26N9FmQRtjgmt2SMcDheZ1UAlxvsrvC8UZRS8ClXO71E2WeK6weQdMCU_UkL6yzAYhzE3NngtkaOQxgBIBM&vt=10&sdkv=h.3.543.0/vpaid_adapter&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NzI3NTcxNjk0MTFA0wUKbggBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MTc0Nzc4MTgyCTE2NDI2NjcwOUCQAVIzCOYHEA8lAAAgQSgBOgs0MDAzMzYzOTktMUIER0RCTVAAWhBoMlVMTGUwWjlvUGNaQ3E5GAE.
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame FAFB 0
327 B 83ms
37ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~laadilbk&c=8763194260790&slotId=4381597130395&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:35 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

206
Partial Content

48
r3---sn-aigl6nzr.c.2mdn.net/videoplayback/id/d4b9de204613c58b/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1699578634/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame F4CC
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/d4b9de204613c58b/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1699578634/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r3---sn-aigl6nzr.c.2mdn.net/videoplayback/id/d4b9de204613c58b/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1699578634/sparams/acao,ctier,expire,id,ip,ipbits,ita...

1 MB
1 MB

137ms
30ms

Media
video/mp4

2a00:1450:4009:1a::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-aigl6nzr.c.2mdn.net/videoplayback/id/d4b9de204613c58b/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1699578634/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1D0CC285BB6B99D770A5B4E8A84115D0960A0F7F.05003DD24D130CA153DC9E5C2BCACBB4BA9C9047/key/cms1/cms_redirect/yes/mh/_S/mip/2001:ac8:21:e::9/mm/42/mn/sn-aigl6nzr/ms/onc/mt/1668042283/mv/m/mvi/3/pl/48?cpn=h2ULLe0Z9oPcZCq9&file=file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4009:1a::8 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

286c2fedeb653a771a88d160428f703c35febd0518c4b2892047e76cafc23d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 01:10:36 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 04 Jan 2022 18:41:00 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-1503456/1503457
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1503457
Expires: Thu, 10 Nov 2022 01:10:36 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:36 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r3---sn-aigl6nzr.c.2mdn.net/videoplayback/id/d4b9de204613c58b/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1699578634/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1D0CC285BB6B99D770A5B4E8A84115D0960A0F7F.05003DD24D130CA153DC9E5C2BCACBB4BA9C9047/key/cms1/cms_redirect/yes/mh/_S/mip/2001:ac8:21:e::9/mm/42/mn/sn-aigl6nzr/ms/onc/mt/1668042283/mv/m/mvi/3/pl/48?cpn=h2ULLe0Z9oPcZCq9&file=file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 671
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 3EDD 42 B
64 B 51ms
51ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 3EDD 41 KB
15 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.543.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 11:28:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 481309
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Nov 2023 11:28:47 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3EDD 0
20 B 75ms
74ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 ad_impression.gif
beacon.krxd.net/ Frame 3EDD 0
338 B 151ms
38ms Image
text/plain 34.253.97.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/ad_impression.gif?confid=w33mjewbl&campaignid=${CAMPAIGN_ID}&creativeid=${CREATIVE_ID}&siteid=${SOURCE_URL}&adid=${CREATIVE_ID}&advertiserid=512725891
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.97.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-97-99.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-served-by: beacon-n002-dub-prod.krxd.net
date: Thu, 10 Nov 2022 01:10:36 GMT
cache-control: private, no-cache, no-store
x-request-time: D=45 t=1668042636
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3EDD 0
27 B 171ms
87ms Image
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu7XsEhvreqj6-jOtOVq0-4sRwIs698_lE38A8VtbgJN0edqC2c6mxLsrfUceDPrluxl64cqyG-3AP1ex8Rmv8rPY5r_eV3FvU6LJYQvLnYmZP2Ou-0yoau1PVMDG8OgVwQsyZA8PiHO4hsnmvCsYL4iKZrOP_i8DBqoqJf0CtiQbjNhvBg2V49EKf_SNDVj0hQdWiUjmZzKKb_xfDv2-_v215yvjMP4Yspy46KrmNvLiNxclQy9eRWbDgIBtxMMatd0plpFuhtMtQL_KoMNY_r1K3W5ZQx-rtY-SITRFjD--fFHmjZ0LrUfTpr1E3hFG8exlHwq7ePfMiSNbX1QCtet5C-3CfoYoxF0gml4bX7mXHmb8tvyTKUBUuUOtsvPFDIZQ61NjAHrmctC9KOb1ApCStmKnLTcRBoRBUVQqNzV9h0KalpEkO0EjAo_DGVKhvHgHiqdli_epasQb8qCgfqXloxuKv7CJMsmAiH7Nr6PGFUUtCJ5bzKcaeK3mvbT-rZTUYzQrfhsl76nqSuJSeE6uXshhAQDlioHuleyzhpTfx7I9xE1c2K24WJvbBz7mZFheeqsiBmPQVGK8nPUxMsiC5j4aRgd6SxFX0imi7CkCTjOA_qYSeQ-mGNPinugufy9Si4_BIbPwp1-JJl53a7SLlRmu4Pvge6bXa0oT8_Cl9ni7ZOjwFy4zA-VU3D1ccp8hEIJhBrLz3qzEIP0anlzN92CzUXFLzeHvm41kJIi10jPDfkTwLloOpK9im87y5U1FdQl9vfbgpwGV-qpBYickJaqqZ7AQL_ynMVofFJjHe77n8GpAj3Y8TnnCbRmcwhU5Nf_c7amt0G23hj1wxc0RASt1B_6KkdgLbQnwiSwndDz1xVaTHlSy8CYKQw5cK4P56LBpEUspJiAbtTt_tmMB8VRa9rAR9gZarhaDqzTsejVidvmXTK09TJIeduQmVh-hTu-fMbTbfP-n9G5NMugKe3akWaqt3BmkgAX5rBrKpxLZCuji0K7eqzn4vV1EJ-fiLd3FZULHwxe1danRWIPBee-7t3hWygIG0lReD-Ux-QSkuROlvmmy7_rcECZWFqRjhzshBc-Njl3wv16Jw5q5b3Ehx-3qUUH7wsgHwXspo5wbmBHfaZz4VMWZBKq2Tja46gvZkDNDouWlbWplDnCbUt0w&sai=AMfl-YS5vAl6R7CQAiPed6DXkvXgOrwNcToUsVD2gc4dXBRNTZzZ2RjjLh0qsl7fycL-hsLrdVwNrOW4E3LwpfLk38y-_s1yIk2De1ciSTW-16Hm8g4B4cfVvbfU3t_MNxY6hkG61MPrln9OqTMY1oGGBTy0iylgeQA4liR0D29tQdF6gaFIU4oCXvP_g2CGnMx2OiVvCzkWCaxUcODKSVasl__jCN9XaBZXopnKC-gJk5gvVuR5IZ7vYK6a0dHI75ZJr1QPNi9U0pLOeQ&sig=Cg0ArKJSzHknXj7O0Gx7EAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&fbs_aeid=[gw_fbsaeid]&urlfix=1&sdkv=h.3.543.0/vpaid_adapter&adurl=

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 10 Nov 2022 01:10:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3

200

B24277524.318146541;dc_pre=CKuSv4a3ovsCFcKrewodCJANSA;dc_trk_aid=510873222;dc_trk_cid=97123117;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N797029.279382DBMGODADDY49307073/ Frame 3EDD
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N797029.279382DBMGODADDY49307073/B24277524.318146541;dc_trk_aid=510873222;dc_trk_cid=97123117;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
https://ad.doubleclick.net/ddm/trackimp/N797029.279382DBMGODADDY49307073/B24277524.318146541;dc_pre=CKuSv4a3ovsCFcKrewodCJANSA;dc_trk_aid=510873222;dc_trk_cid=97123117;ord=[timestamp];dc_lat=;dc_rd...

42 B
63 B

145ms
63ms

Image
image/gif

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N797029.279382DBMGODADDY49307073/B24277524.318146541;dc_pre=CKuSv4a3ovsCFcKrewodCJANSA;dc_trk_aid=510873222;dc_trk_cid=97123117;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Protocol

Server

142.250.74.198 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:36 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N797029.279382DBMGODADDY49307073/B24277524.318146541;dc_pre=CKuSv4a3ovsCFcKrewodCJANSA;dc_trk_aid=510873222;dc_trk_cid=97123117;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
d.agkn.com/pixel/2387/ Frame 3EDD 43 B
648 B 221ms
43ms Image
image/gif 3.127.73.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/2387/?ct=UK&st=&city=0&dma=0&zp=M32&bw=4&che=4174181908&col=24249120,4490123,325245282,517477818,164266709
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.73.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-73-37.eu-central-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Nov 2022 01:10:36 GMT
Server: Apache-Coyote/1.1
Content-Type: image/gif
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 ad_impression.gif
beacon.krxd.net/ Frame 3EDD 0
337 B 151ms
38ms Image
text/plain 34.253.97.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/ad_impression.gif?confid=w33mjewbl&campaignid=46144459&creativeid=400336399&siteid=https://www.stb.ua/ua/&adid=400336399&advertiserid=512725891
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.97.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-97-99.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-served-by: beacon-n009-dub-prod.krxd.net
date: Thu, 10 Nov 2022 01:10:36 GMT
cache-control: private, no-cache, no-store
x-request-time: D=36 t=1668042636
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame 3EDD 0
0 54ms
51ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI2VFxCDp770ARiPzPK-ASABMAE&v=APEucNWB36zukI1OfzrSdh3_2lpIcaTJsASjk76EjAG-ORk4WVBsHN5C8ANIsus8BOc_EF-rbu0Ky69cdXWdHZ_7IvdzctVAuQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 3EDD 42 B
64 B 53ms
50ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Ca-k1ik9sY-KmAuSqrATA85_wB6SyoZZspN6a7tYPZBABIPS76SFgu4aAgNAKoAGGq6GrAsgBBagDAcgDE5gEAKoE-QFP0Oj0OoiJFRUZTFZOel1tnSEBP5pU3FUOqPtmXFFopGs9n08cuAVBM2VjZU_euXxGEb1JlgdZzwE-XfyJAzBuonwZm0OtjYd36qun1bvHmzXHGnw2EsN_bhszrZeHJhWMfObCsMwuZ0AAcsqHN_FABs6hU0k2JWW29e9J9nAwJWS4F5ugbYoRhm9ueKbKIJZcNzCjFmClMinU45rf21kJ-st9QK3YTvir8mvF4gzU-ecdbqBczmRJpQIGPhyMehzrxB2vJjIx9iaiJgEvfCZTXuL1swtoDyc2vo7ydb9PGWcGunKA_nRushgIrFHNRT11A14mvObJz3PABNzz3K62A-AEA5AGAaAGdoAH4tTe1AGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHgCwGADAGwE5WehRHQEwDYEw2IFArYFAHQFQH4FgGAFwE&sigh=ECPVz2Ok7og&label=vast_creativeview&ad_mt=0&acvw=sv%3D941%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D1979,480,2339,1120%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D10048%26vmtime%3D-1%26is%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D2135%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D40172868%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1668042633585%26ptlt%3D1668042636248%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1668042635863&sdkv=h.3.543.0/vpaid_adapter&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NzI3NTcxNjk0MTFA0wUKcQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MTc0Nzc4MTgyCTE2NDI2NjcwOUCQAVI2COYHEA8lAAAgQSgBOgs0MDAzMzYzOTktMUIER0RCTUj_AlAAWhBoMlVMTGUwWjlvUGNaQ3E5GAE.

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI4abbhbei-wIVaUEdCR1dZw9eEAAYACDVhapOQhMI4pOwhbei-wIVZBWLCh3A-Qd-;met=1;acvw=sv%3D941%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1979,480,2339,1120%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%...
ade.googlesyndication.com/ddm/activity/ Frame 3EDD 42 B
107 B 176ms
79ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI4abbhbei-wIVaUEdCR1dZw9eEAAYACDVhapOQhMI4pOwhbei-wIVZBWLCh3A-Qd-;met=1;acvw=sv%3D941%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1979,480,2339,1120%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D10048%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D2135%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D40172868%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1668042633585%26ptlt%3D1668042636249%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1668042635863;ecn1=1;etm1=0;eid1=200101;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 3EDD 42 B
64 B 79ms
77ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsunzEqV61x4oghGzk879zGNiDwnvvVeX92RWBLMz96p6iXeDw5zMgKvCKV2vBY5op7u15v-kI1TK1Hv9RhVGqzbFBI8dOAeLigKUdzht6vYbHoKly7BNRLT12PgJMnidmLPfiOjXQ&sai=AMfl-YTOO1hW0s9mdbA-ZBUOl5Z0bAw4699Pg8TnhzqtMPbpJfP41gx_utbKW4rzqcVctlFQ8fSyrGbvNIMjkuLZqv9fhUXsyUgtxn5-SntFX8RJwRqU_B8GSbOQwfSTUn8&sig=Cg0ArKJSzGRdae55YJ2uEAE&cid=CAQSPADq26N9FmQRtjgmt2SMcDheZ1UAlxvsrvC8UZRS8ClXO71E2WeK6weQdMCU_UkL6yzAYhzE3NngtkaOQxgBIBM&id=lidarv&acvw=sv%3D941%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1979,480,2339,1120%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D10048%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D2135%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D40172868%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1668042633585%26ptlt%3D1668042636249%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1668042635863&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI4abbhbei-wIVaUEdCR1dZw9eEAAYACDVhapOQhMI4pOwhbei-wIVZBWLCh3A-Qd-;met=1;acvw=sv%3D941%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1979,480,2339,1120%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%2...
ade.googlesyndication.com/ddm/activity/ Frame 3EDD 42 B
494 B 174ms
77ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI4abbhbei-wIVaUEdCR1dZw9eEAAYACDVhapOQhMI4pOwhbei-wIVZBWLCh3A-Qd-;met=1;acvw=sv%3D941%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1979,480,2339,1120%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D10048%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D2135%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D40172868%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1668042633585%26ptlt%3D1668042636250%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1668042635863;dc_rfl=2,https%253A%252F%252Fwww.stb.ua%252Fua%252F%240;ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 3EDD 42 B
64 B 54ms
52ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Ca-k1ik9sY-KmAuSqrATA85_wB6SyoZZspN6a7tYPZBABIPS76SFgu4aAgNAKoAGGq6GrAsgBBagDAcgDE5gEAKoE-QFP0Oj0OoiJFRUZTFZOel1tnSEBP5pU3FUOqPtmXFFopGs9n08cuAVBM2VjZU_euXxGEb1JlgdZzwE-XfyJAzBuonwZm0OtjYd36qun1bvHmzXHGnw2EsN_bhszrZeHJhWMfObCsMwuZ0AAcsqHN_FABs6hU0k2JWW29e9J9nAwJWS4F5ugbYoRhm9ueKbKIJZcNzCjFmClMinU45rf21kJ-st9QK3YTvir8mvF4gzU-ecdbqBczmRJpQIGPhyMehzrxB2vJjIx9iaiJgEvfCZTXuL1swtoDyc2vo7ydb9PGWcGunKA_nRushgIrFHNRT11A14mvObJz3PABNzz3K62A-AEA5AGAaAGdoAH4tTe1AGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHgCwGADAGwE5WehRHQEwDYEw2IFArYFAHQFQH4FgGAFwE&sigh=ECPVz2Ok7og&label=part2viewed&ad_mt=0&acvw=sv%3D941%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1979,480,2339,1120%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D10048%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D2135%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D40172868%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1668042633585%26ptlt%3D1668042636250%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1668042635863&sdkv=h.3.543.0/vpaid_adapter&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NzI3NTcxNjk0MTFA0wUKcQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MTc0Nzc4MTgyCTE2NDI2NjcwOUCQAVI2COYHEA8lAAAgQSgBOgs0MDAzMzYzOTktMUIER0RCTUj_AlAAWhBoMlVMTGUwWjlvUGNaQ3E5GAE.

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI4abbhbei-wIVaUEdCR1dZw9eEAAYACDVhapOQhMI4pOwhbei-wIVZBWLCh3A-Qd-;met=1;acvw=sv%3D941%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1979,480,2339,1120%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%...
ade.googlesyndication.com/ddm/activity/ Frame 3EDD 42 B
107 B 175ms
78ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI4abbhbei-wIVaUEdCR1dZw9eEAAYACDVhapOQhMI4pOwhbei-wIVZBWLCh3A-Qd-;met=1;acvw=sv%3D941%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1979,480,2339,1120%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D8%26pst%3D-1%26dur%3D10048%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D7%26is%3D18%26i0%3D18%26ic%3D4096%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D2135%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D40172868%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1668042633585%26ptlt%3D1668042636253%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1668042635863;ecn1=1;etm1=0;eid1=16;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 3EDD 42 B
64 B 53ms
51ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Ca-k1ik9sY-KmAuSqrATA85_wB6SyoZZspN6a7tYPZBABIPS76SFgu4aAgNAKoAGGq6GrAsgBBagDAcgDE5gEAKoE-QFP0Oj0OoiJFRUZTFZOel1tnSEBP5pU3FUOqPtmXFFopGs9n08cuAVBM2VjZU_euXxGEb1JlgdZzwE-XfyJAzBuonwZm0OtjYd36qun1bvHmzXHGnw2EsN_bhszrZeHJhWMfObCsMwuZ0AAcsqHN_FABs6hU0k2JWW29e9J9nAwJWS4F5ugbYoRhm9ueKbKIJZcNzCjFmClMinU45rf21kJ-st9QK3YTvir8mvF4gzU-ecdbqBczmRJpQIGPhyMehzrxB2vJjIx9iaiJgEvfCZTXuL1swtoDyc2vo7ydb9PGWcGunKA_nRushgIrFHNRT11A14mvObJz3PABNzz3K62A-AEA5AGAaAGdoAH4tTe1AGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHgCwGADAGwE5WehRHQEwDYEw2IFArYFAHQFQH4FgGAFwE&sigh=ECPVz2Ok7og&label=admute&ad_mt=0&acvw=sv%3D941%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1979,480,2339,1120%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D8%26pst%3D-1%26dur%3D10048%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D7%26is%3D18%26i0%3D18%26ic%3D4096%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D2135%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D40172868%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1668042633585%26ptlt%3D1668042636253%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1668042635863&sdkv=h.3.543.0/vpaid_adapter&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NzI3NTcxNjk0MTFA0wUKcQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MTc0Nzc4MTgyCTE2NDI2NjcwOUCQAVI2COYHEA8lAAAgQSgBOgs0MDAzMzYzOTktMUIER0RCTUj_AlAAWhBoMlVMTGUwWjlvUGNaQ3E5GAE.

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
ads213.adtelligent.com/tracking/impression/ 43 B
432 B 29ms
28ms XHR
image/gif 2a0c:5c81:5139:0:baca:3aff:fe65:6d64
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads213.adtelligent.com/tracking/impression/?adid=8D24C9ADD1131BCF&aid=40298&cmpId=29171&protocol=vpaidjs&cmpPerformance=%7B%7D&wp=1&tte=2897&t=js&v=2.7.198&fi=18546926&cb=1668042636256
Requested by: Host: static.adtelligent.com
URL: https://static.adtelligent.com/static/jsvpaid.js?cb=21092153&vast_domain=https%3A%2F%2Fwww.stb.ua%2Fua%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5139:0:baca:3aff:fe65:6d64 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 01:10:35 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.stb.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
H/1.1 200
OK vpaid-event Show response
aux-log2-sh.adtelligent.com/ 43 B
277 B 104ms
104ms XHR
image/gif 107.151.2.114
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://aux-log2-sh.adtelligent.com/vpaid-event?cmpId=29171&protocol=vpaidjs&waterfall_position=1&waterfall_id=18546926&advId=27865&isvm=0&event_type=52&v=2.7.198&t=js&adId=8D24C9ADD1131BCF&aid=40298&sid=789&width=640&height=360&env=desktop&country=82&is_secure_frame=false&format=outstream&domain=https%3A%2F%2Fwww.stb.ua&tte=2898&cb=1668042636257
Requested by: Host: static.adtelligent.com
URL: https://static.adtelligent.com/static/jsvpaid.js?cb=21092153&vast_domain=https%3A%2F%2Fwww.stb.ua%2Fua%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.151.2.114 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.stb.ua
Date: Thu, 10 Nov 2022 01:10:35 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame C1B8 23 KB
9 KB 41ms
40ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 578864
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 08:22:52 GMT
expires: Fri, 03 Nov 2023 08:22:52 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK vpaid-event Show response
aux-log2-sh.adtelligent.com/ 43 B
277 B 100ms
99ms XHR
image/gif 107.151.2.114
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://aux-log2-sh.adtelligent.com/vpaid-event?cmpId=29171&protocol=vpaidjs&waterfall_position=1&waterfall_id=18546926&advId=27865&isvm=0&event_type=53&v=2.7.198&t=js&adId=8D24C9ADD1131BCF&aid=40298&sid=789&width=640&height=360&env=desktop&country=82&is_secure_frame=false&format=outstream&domain=https%3A%2F%2Fwww.stb.ua&tte=2899&cb=1668042636368
Requested by: Host: static.adtelligent.com
URL: https://static.adtelligent.com/static/jsvpaid.js?cb=21092153&vast_domain=https%3A%2F%2Fwww.stb.ua%2Fua%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.151.2.114 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.stb.ua
Date: Thu, 10 Nov 2022 01:10:35 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

GET
H3 200 HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js Show response
pagead2.googlesyndication.com/bg/ Frame C1B8 36 KB
16 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 00:55:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 888
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16085
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Nov 2023 00:55:48 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C1B8 0
20 B 77ms
77ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.3.543.0&bgai=BXhA2ik9sY-G5LemC9fgP3c698AUAAAAAOAHgBAI&bg=!39yl3JjNAAbvMpMzzzI7ACkAdvg8WkEqAXQk37lU0r7IZx4ZgiNLSWV-8YiFp8ZUOVXqPmUazOntqQIAAABSUgAAAAJoAQcKAFbvTtncY4myN7Ig_s7z9ZioAdJIbOj7j3TpjxutQrWySk3iBhdK0VCFDvscJi86wOItWMcY5W-lIDuo4ob9L0_29GDpRJ9x1zBX4U4cxIDdeIyJTuKxkZkC454YR_zJ-vwnvaDL9fMQ_i4ff9sVmPtjOMvaAmkL32ZLKDmoQbit2jehhHSO6xhD9OSIX_E_q2mGskw0KS-dS_5_5V9DhXhcEds41ofFd0D39khJ__qSqnnpfMkdyRPpQN-d-CdhPvhJYAjN3pZ0SGwbG6BZdH3Ub6MbHJHQ0zQ7Y4gMfoxsEDVUVtq1Y7k9NFqAH7i8I-YOJP7v9aUSzUYcIU7slFRQ8Q5GLtj2xUaQ6b3RxlZ20E8smCLtFsegQ4qbHVD2emyJ-Fy5poN7b0R8ZPluPLT0qn6o6pqjm1WQQhVCMYFg1dCeeFWqkm9lYO7QT_AiywgHKvAIn8rHbJyD9jUEDCOMAhCOHP-XN6dG3hf7cJqiVw9rFV4oqGEQ1vB0Nl-ibGLeCFr7yuCKPvBXd-WtCYTcyibCwX7_mExspIlTtdP_irKx7TGICvSDJd-DaiNFMPx9JmlZ4HMon0dd0l3s5Q95KQpCEx4GzSfzG0-7pZqfM6lQdjwwNCFPlFJRPKtFXH8QlHJe1EzHJhKdVWNtaodIWHhyJ-z5HqqAwANndJGKJ-bvZCf5ePOHQ9jMyp0X4UjuK1PFuFAzkLLXd7452G8LVI0mL75yvkw2R_ZrOlINab53QYpLkHYIja4fdm3am08rjIs0zI_KbopKtRSkVJP5jr5MeBx71UM4QjGAEgimc7Eo8wSFVk9Jisqy91NE_wQWFoYmXRI3TVJIg7SW-NxuwliIMa1rtBmWEjBjsoTe99Fv3QPm1384DZvHX0rb64Do7hT5PUXLPJkaf_aqxPHrgLzgbCIxxCbJi0kiPgdYTmjhaXL-GsLQrz-jyGSoJI3QN4P7YoUvKhZiaD0NIgUSrhsf6a8lH7OHsWdC1iU3mj9cSdKKs7y_ddT4AzfNMcLCE9T4bdNA84GIwFg5fRFamjWrXEYhVswMRolBM45xQsdm-u187Tphp69AXGCOM-rVD4SYifmW76vCWPI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content event.png
tpsc-frc.doubleverify.com/ Frame E155 0
210 B 128ms
43ms Ping
text/plain 213.254.244.110
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-frc.doubleverify.com/event.png?impid=fed70591f1ed4e95b51ca653e2881f63&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=215&eoid=12&msrjs=3130&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=0&tetms=7&msltms=123&vltms=215&sei=289&vetms=5&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=904&msrcannum=3&ismms=8&isumms=8&nvr=3&isgmmims=8&isgmv4mims=8&elmtp=1&isbxdms=2308&b0=100&b4=2329&adhgt=600&adwdth=300&norwdth=300&norhgt=600&dvp_vsosnmr=1&lftb=2429&sftb=2429&msrdp=3&naral=640&vct=512&vphgt=1200&vpwdth=1600&chgt=600&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=7&dvp_dpr=1&dvp_valpct=2&ttfurm=3222&cbust=1668042637845696
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3130.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.110 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Thu, 10 Nov 2022 01:10:37 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Expires: 11/09/2022 01:10:37

POST
H/1.1 204
No Content event.png
tpsc-frc.doubleverify.com/ Frame 23AE 0
210 B 126ms
42ms Ping
text/plain 213.254.244.110
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-frc.doubleverify.com/event.png?impid=40aa71e3695c44ff85fe6794092c04ee&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=371&eoid=12&msrjs=3130&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=0&tetms=11&msltms=122&vltms=371&sei=289&vetms=8&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=904&msrcannum=3&ismms=1050&isumms=1050&nvr=2&isgmmims=1050&isgmv4mims=1050&elmtp=1&isbxdms=2452&b0=1521&adhgt=600&adwdth=300&norwdth=300&norhgt=600&dvp_vsosnmr=1&lftb=1521&sftb=1521&msrdp=3&naral=640&vct=512&vphgt=1200&vpwdth=1600&chgt=600&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=1050&dvp_dpr=1&ttfurm=3407&cbust=1668042637851503
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3130.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.110 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Thu, 10 Nov 2022 01:10:37 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Expires: 11/09/2022 01:10:37

POST
H/1.1 204
No Content event.png
tpsc-frc.doubleverify.com/ Frame E4A6 0
210 B 126ms
43ms Ping
text/plain 213.254.244.110
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-frc.doubleverify.com/event.png?impid=1f4e7607e98a45f88303014a90f14a83&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=111&eoid=11&msrjs=3130&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=0&tetms=7&msltms=84&vltms=111&sei=290&vetms=2&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=904&msrcannum=3&ismms=11&isumms=11&nvr=2&isgmmims=11&isgmv4mims=11&elmtp=1&isbxdms=2214&b0=2369&adhgt=600&adwdth=300&norwdth=300&norhgt=600&dvp_vsosnmr=1&lftb=2369&sftb=2369&msrdp=2&naral=640&vct=512&vphgt=1200&vpwdth=1600&chgt=600&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=11&dvp_dpr=1&ttfurm=3120&cbust=1668042637858989
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3130.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.110 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Thu, 10 Nov 2022 01:10:36 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Expires: 11/09/2022 01:10:37

POST
H/1.1 204
No Content event.png
tpsc-frc.doubleverify.com/ Frame 7AD7 0
210 B 126ms
43ms Ping
text/plain 213.254.244.110
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-frc.doubleverify.com/event.png?impid=196d98234db44e29b846ec96c8b1aae8&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=101&eoid=11&msrjs=3130&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=0&tetms=8&msltms=85&vltms=101&sei=290&vetms=2&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=904&msrcannum=3&ismms=11&isumms=11&nvr=3&isgmmims=11&isgmv4mims=11&elmtp=1&isbxdms=2214&b0=100&b4=2229&adhgt=600&adwdth=300&norwdth=300&norhgt=600&dvp_vsosnmr=1&lftb=2329&sftb=2329&msrdp=2&naral=640&vct=512&vphgt=1200&vpwdth=1600&chgt=600&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=10&dvp_dpr=1&dvp_valpct=2&ttfurm=3110&cbust=1668042637890973
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3130.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.110 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Thu, 10 Nov 2022 01:10:36 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Expires: 11/09/2022 01:10:37

GET
H3 200 dc_oe=ChMI4abbhbei-wIVaUEdCR1dZw9eEAAYACDVhapOQhMI4pOwhbei-wIVZBWLCh3A-Qd-;met=1;acvw=sv%3D941%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D1979,480,2339,1120%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%2...
ade.googlesyndication.com/ddm/activity/ Frame 3EDD 42 B
63 B 159ms
78ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI4abbhbei-wIVaUEdCR1dZw9eEAAYACDVhapOQhMI4pOwhbei-wIVZBWLCh3A-Qd-;met=1;acvw=sv%3D941%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D1979,480,2339,1120%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2634%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D810%26pst%3D410%26dur%3D10048%26vmtime%3D2596%26dvs%3D0%26dfvs%3D0%26dvpt%3D2627%26is%3D18%26i0%3D18%26i1%3D18%26ic%3D0%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D2135%26femvt%3D0%26emc%3D16%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D40172868%26psm%3D-2147483641%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1668042633585%26ptlt%3D1668042638880%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1668042635863;ecn1=1;etm1=0;eid1=960584;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 3EDD 42 B
64 B 51ms
51ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Ca-k1ik9sY-KmAuSqrATA85_wB6SyoZZspN6a7tYPZBABIPS76SFgu4aAgNAKoAGGq6GrAsgBBagDAcgDE5gEAKoE-QFP0Oj0OoiJFRUZTFZOel1tnSEBP5pU3FUOqPtmXFFopGs9n08cuAVBM2VjZU_euXxGEb1JlgdZzwE-XfyJAzBuonwZm0OtjYd36qun1bvHmzXHGnw2EsN_bhszrZeHJhWMfObCsMwuZ0AAcsqHN_FABs6hU0k2JWW29e9J9nAwJWS4F5ugbYoRhm9ueKbKIJZcNzCjFmClMinU45rf21kJ-st9QK3YTvir8mvF4gzU-ecdbqBczmRJpQIGPhyMehzrxB2vJjIx9iaiJgEvfCZTXuL1swtoDyc2vo7ydb9PGWcGunKA_nRushgIrFHNRT11A14mvObJz3PABNzz3K62A-AEA5AGAaAGdoAH4tTe1AGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHgCwGADAGwE5WehRHQEwDYEw2IFArYFAHQFQH4FgGAFwE&sigh=ECPVz2Ok7og&label=videoplaytime25&ad_mt=2597&acvw=sv%3D941%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D1979,480,2339,1120%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2634%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D810%26pst%3D410%26dur%3D10048%26vmtime%3D2596%26dvs%3D0%26dfvs%3D0%26dvpt%3D2627%26is%3D18%26i0%3D18%26i1%3D18%26ic%3D0%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D2135%26femvt%3D0%26emc%3D16%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D40172868%26psm%3D-2147483641%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1668042633585%26ptlt%3D1668042638880%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1668042635863&sdkv=h.3.543.0/vpaid_adapter&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NzI3NTcxNjk0MTFA0wUKcQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MTc0Nzc4MTgyCTE2NDI2NjcwOUCQAVI2COYHEA8lAAAgQSgBOgs0MDAzMzYzOTktMUIER0RCTUj_AlAAWhBoMlVMTGUwWjlvUGNaQ3E5GAE.

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK vpaid-event Show response
aux-log2-sh.adtelligent.com/ 43 B
277 B 99ms
99ms XHR
image/gif 107.151.2.114
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://aux-log2-sh.adtelligent.com/vpaid-event?cmpId=29171&protocol=vpaidjs&waterfall_position=1&waterfall_id=18546926&advId=27865&isvm=0&event_type=55&v=2.7.198&t=js&adId=8D24C9ADD1131BCF&aid=40298&sid=789&width=640&height=360&env=desktop&country=82&is_secure_frame=false&format=outstream&domain=https%3A%2F%2Fwww.stb.ua&tte=5522&cb=1668042638881
Requested by: Host: static.adtelligent.com
URL: https://static.adtelligent.com/static/jsvpaid.js?cb=21092153&vast_domain=https%3A%2F%2Fwww.stb.ua%2Fua%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.151.2.114 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.stb.ua
Date: Thu, 10 Nov 2022 01:10:38 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

GET
H3 200 dc_oe=ChMI4abbhbei-wIVaUEdCR1dZw9eEAAYACDVhapOQhMI4pOwhbei-wIVZBWLCh3A-Qd-;met=1;acvw=sv%3D941%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D1979,480,2339,1120%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%2...
ade.googlesyndication.com/ddm/activity/ Frame 3EDD 42 B
63 B 79ms
79ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI4abbhbei-wIVaUEdCR1dZw9eEAAYACDVhapOQhMI4pOwhbei-wIVZBWLCh3A-Qd-;met=1;acvw=sv%3D941%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D1979,480,2339,1120%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D5290%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1611%26pst%3D410%26dur%3D10048%26vmtime%3D5253%26dvs%3D0%26dfvs%3D0%26dvpt%3D2656%26is%3D18%26i0%3D18%26i1%3D18%26i2%3D18%26ic%3D512%26cs%3D4626%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D2135%26femvt%3D0%26emc%3D30%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D40172868%26psm%3D-2147483585%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1668042633585%26ptlt%3D1668042641536%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1668042635863;ecn1=1;etm1=0;eid1=18;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 3EDD 42 B
64 B 53ms
52ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Ca-k1ik9sY-KmAuSqrATA85_wB6SyoZZspN6a7tYPZBABIPS76SFgu4aAgNAKoAGGq6GrAsgBBagDAcgDE5gEAKoE-QFP0Oj0OoiJFRUZTFZOel1tnSEBP5pU3FUOqPtmXFFopGs9n08cuAVBM2VjZU_euXxGEb1JlgdZzwE-XfyJAzBuonwZm0OtjYd36qun1bvHmzXHGnw2EsN_bhszrZeHJhWMfObCsMwuZ0AAcsqHN_FABs6hU0k2JWW29e9J9nAwJWS4F5ugbYoRhm9ueKbKIJZcNzCjFmClMinU45rf21kJ-st9QK3YTvir8mvF4gzU-ecdbqBczmRJpQIGPhyMehzrxB2vJjIx9iaiJgEvfCZTXuL1swtoDyc2vo7ydb9PGWcGunKA_nRushgIrFHNRT11A14mvObJz3PABNzz3K62A-AEA5AGAaAGdoAH4tTe1AGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHgCwGADAGwE5WehRHQEwDYEw2IFArYFAHQFQH4FgGAFwE&sigh=ECPVz2Ok7og&label=videoplaytime50&ad_mt=5253&acvw=sv%3D941%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D1979,480,2339,1120%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D5290%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1611%26pst%3D410%26dur%3D10048%26vmtime%3D5253%26dvs%3D0%26dfvs%3D0%26dvpt%3D2656%26is%3D18%26i0%3D18%26i1%3D18%26i2%3D18%26ic%3D512%26cs%3D4626%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D2135%26femvt%3D0%26emc%3D30%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D40172868%26psm%3D-2147483585%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1668042633585%26ptlt%3D1668042641536%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1668042635863&sdkv=h.3.543.0/vpaid_adapter&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NzI3NTcxNjk0MTFA0wUKcQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MTc0Nzc4MTgyCTE2NDI2NjcwOUCQAVI2COYHEA8lAAAgQSgBOgs0MDAzMzYzOTktMUIER0RCTUj_AlAAWhBoMlVMTGUwWjlvUGNaQ3E5GAE.

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 01:10:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK vpaid-event Show response
aux-log2-sh.adtelligent.com/ 43 B
277 B 100ms
99ms XHR
image/gif 107.151.2.114
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://aux-log2-sh.adtelligent.com/vpaid-event?cmpId=29171&protocol=vpaidjs&waterfall_position=1&waterfall_id=18546926&advId=27865&isvm=0&event_type=54&v=2.7.198&t=js&adId=8D24C9ADD1131BCF&aid=40298&sid=789&width=640&height=360&env=desktop&country=82&is_secure_frame=false&format=outstream&domain=https%3A%2F%2Fwww.stb.ua&tte=8179&cb=1668042641538
Requested by: Host: static.adtelligent.com
URL: https://static.adtelligent.com/static/jsvpaid.js?cb=21092153&vast_domain=https%3A%2F%2Fwww.stb.ua%2Fua%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.151.2.114 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.stb.ua
Date: Thu, 10 Nov 2022 01:10:40 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 60ms
59ms XHR
text/javascript 95.216.24.148
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=42094:time[url:%2F,device:desktop,user_id:30040aad1.2737ee1fe_1668042632150,cdn_version:53]&s=ab9e9cb0b19b8db3fb06915ed084facc&1668042642163
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/pT2IkoB9CSBk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.148 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.148.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.stb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Nov 2022 01:10:42 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

Verdicts & Comments Add Verdict or Comment

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

58 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.stb.ua/	1969-12-31 23:59:59	Name: PHPSESSID Value: 7bvm85j4alok9al6vuvjs3aavt
.stb.ua/	1970-01-20 07:20:43	Name: __io_d Value: 1_3813806733
www.stb.ua/	1970-01-20 16:06:18	Name: __io_lv Value: 1668042632150
www.stb.ua/	1970-01-20 16:06:18	Name: __io Value: 30040aad1.2737ee1fe_1668042632150
.stb.ua/	1970-01-20 07:20:44	Name: __io_session_id Value: 3620dc422.8975a530c_1668042632151
.stb.ua/	1970-01-20 07:20:43	Name: __io_nav_state42094 Value: %7B%22current%22%3A%22%2F%22%2C%22currentDomain%22%3A%22www.stb.ua%22%2C%22previousDomain%22%3A%22%22%7D
www.stb.ua/	1970-01-20 16:06:18	Name: __io_unique_42094 Value: 10
www.stb.ua/	1970-01-20 07:22:04	Name: __io_uh Value: 1
www.stb.ua/	1970-01-20 07:20:43	Name: __io_visit_42094 Value: 1
.stb.ua/	1970-01-20 09:30:18	Name: _gcl_au Value: 1.1.1023507928.1668042632
.piano.io/	1970-01-20 07:20:44	Name: __cf_bm Value: iGQVAWM.BjRsyPZ9i9qWfRHRRu1bgYC7DkJtlRbcdDI-1668042632-0-AYsYibh1lSIj7eq1UoM8qdFGtfF9ZGVfmwptm8O2Psi3M7cCDSSs+y+1bqiTnpJs4tk2Yz00bpn6CJu6+bhgQ8U=
.stb.ua/	1970-01-20 16:56:42	Name: _ga_S081QH5DQY Value: GS1.1.1668042632.1.0.1668042632.0.0.0
.stb.ua/	1970-01-20 16:49:30	Name: __gfp_64b Value: BSOAQt8yV_St_LKVWI8FReH2ysDw2vHZJMQs5ZM501P.B7\|1668042632
.tt.onthe.io/	1970-01-20 07:22:09	Name: io_uidd51792b4d5f7e5523e2fa6df873e8051 Value: 10
.tt.onthe.io/	1970-01-20 13:42:18	Name: io_user_hash Value: 30040aad1.2737ee1fe_1668042632150
.adtelligent.com/	1970-01-20 09:34:37	Name: vmuid Value: d5aad0f0fc89de7b
.stb.ua/	1970-01-20 16:56:42	Name: _ga_Q3W8G8LP36 Value: GS1.1.1668042632.1.0.1668042632.60.0.0
.stb.ua/	1970-01-20 16:56:42	Name: _ga Value: GA1.2.456295650.1668042632
.stb.ua/	1970-01-20 07:22:09	Name: _gid Value: GA1.2.1718657336.1668042633
.stb.ua/	1970-01-20 07:20:42	Name: _dc_gtm_UA-4596660-17 Value: 1
.hit.gemius.pl/	1970-01-20 07:30:47	Name: Gtest Value: KlSUjRXGQMGGqDxfxRPfLXfissGMXP8c25nSGsh9HxntXBG.
www.stb.ua/	1970-01-20 08:03:54	Name: _pbjs_userid_consent_data Value: 3524755945110770
.stb.ua/	1970-01-20 16:06:18	Name: _pubcid Value: 6dc2cb14-a3c4-4bac-a82d-675733597fd5
.bidr.io/	1970-01-20 16:49:12	Name: bito Value: AADbfU7G2J8AAB_pVqt08g
.bidr.io/	1970-01-20 16:49:12	Name: bitoIsSecure Value: ok
www.stb.ua/	1969-12-31 23:59:59	Name: pnespsdk_ssn Value: %7B%22%24s%22%3A1668042632680%2C%22visitNumber%22%3A1%7D
www.stb.ua/	1970-01-20 16:06:18	Name: pnespsdk_visitor Value: ys18nm7ipfo9oun3
.stb.ua/	1970-01-20 07:20:46	Name: AMP_TOKEN Value: %24NOT_FOUND
.stb.ua/	1970-01-20 07:20:42	Name: _gat_UA-4596660-4 Value: 1
.stb.ua/	1970-01-20 07:20:42	Name: _dc_gtm_UA-4596660-19 Value: 1
.stb.ua/	1970-01-20 07:20:42	Name: _gat Value: 1
.hit.gemius.pl/	1970-01-20 16:49:30	Name: Gdyn Value: Klx4NRaGQMGGqDxfxRPfLXfissGMXP8c25nSGsh9HxntFRxSG7RrGS6Gt9fBFlMQYH8W8jBGqSRxSG8.
.doubleclick.net/	1970-01-20 16:42:18	Name: IDE Value: AHWqTUlq3dVp6cQzhZUNbjcbQA8sSre1yT1z6sIZEUD2I5p7aZ0vpJPdAj9LkUE5Ejc
.stb.ua/	1970-01-20 09:30:18	Name: _fbp Value: fb.1.1668042632866.1352426978
.stb.ua/	1970-01-20 16:06:18	Name: _hjSessionUser_2348863 Value: eyJpZCI6ImFlNzQ3ZmM3LTRlMTAtNWJlNi04NDE5LTU5NTVkNWI1ZThhNSIsImNyZWF0ZWQiOjE2NjgwNDI2MzI4MDQsImV4aXN0aW5nIjpmYWxzZX0=
.stb.ua/	1970-01-20 07:20:44	Name: _hjFirstSeen Value: 1
www.stb.ua/	1970-01-20 07:20:42	Name: _hjIncludedInSessionSample Value: 0
.stb.ua/	1970-01-20 07:20:44	Name: _hjSession_2348863 Value: eyJpZCI6ImQzYTJjYWZmLWFiMWEtNDVkNC1iOTViLTljOTZhMzhmMzViNiIsImNyZWF0ZWQiOjE2NjgwNDI2MzI4NzQsImluU2FtcGxlIjpmYWxzZX0=
.stb.ua/	1970-01-20 07:20:44	Name: _hjAbsoluteSessionInProgress Value: 0
.stb.ua/	1970-01-20 16:42:18	Name: __gads Value: ID=a61769675fac5897:T=1668042632:S=ALNI_Makmj5ifi_4DonYdp_26NXKYoeHHw
.stb.ua/	1970-01-20 16:42:18	Name: __gpi Value: UID=00000b7f69a184a4:T=1668042632:RT=1668042632:S=ALNI_MY2wo4DgeNle5dQyamp5gCSySy5lA
.adnxs.com/	1970-01-20 09:30:18	Name: uuid2 Value: 4165146496760850867
.casalemedia.com/	1970-01-20 16:06:18	Name: CMID Value: Y2xPiQIWl1GgX2XpAbBowwAA
.casalemedia.com/	1970-01-20 09:30:18	Name: CMPS Value: 2226
.casalemedia.com/	1970-01-20 09:30:18	Name: CMPRO Value: 2226
.adnxs.com/	1970-01-20 09:30:18	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C$OmpT%R!]tbPl1M>e)ZlrFUfJ+tGXxom_CPyt9)_v)QK%G<IL_dUQVk0rYi7/DRS1>ebpRzqF1`*b_GI)x'F<
.travelaudience.com/	1970-01-20 16:49:30	Name: _tracker Value: %7B%22UUID%22%3A%22B35FB322-22EB-4C23-9344-5CED563905C5%22%7D
.turn.com/	1970-01-20 11:39:54	Name: uid Value: 2544874320434613749
.pubmatic.com/	1970-01-20 07:22:09	Name: KTPCACOOKIE Value: YES
.3lift.com/	1970-01-20 09:30:18	Name: tluid Value: 3078333461305691484296
.adfarm1.adition.com/	1970-01-20 09:30:18	Name: UserID1 Value: 7164188561372739730
.casalemedia.com/	1970-01-20 09:30:18	Name: CMTS Value: 5130
.de17a.com/	1970-01-20 15:59:06	Name: guid Value: 1.53463453762868269
.pubmatic.com/	1970-01-20 09:30:18	Name: KADUSERCOOKIE Value: 60FBF27E-EC0D-42B0-83E6-9D7B4636E52B
www.stb.ua/	1970-01-20 16:06:18	Name: -2091339123 Value: 1&1668129034817
.krxd.net/	1970-01-20 11:39:54	Name: _kuid_ Value: PMIUZ1Ye
.agkn.com/	1970-01-20 16:06:18	Name: ab Value: 0001%3A2YOwG79xIXI%2BhmUny9L36A2C8oMp99D8
.agkn.com/	1970-01-20 16:06:18	Name: u Value: C\|0EAAq_wwMKv8MDAAAAAAAAQAHAAAAAAFyAyD__x4AAAAAAESDiwAAAAATYtliAAAAAAnKgtUAAAAAHtgVugA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://player.vertamedia.com/outstream-unit/2.11/outstream-unit.min.js(Line 8) Message: Allow attribute will take precedence over 'allowfullscreen'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

28fe057bbe7368ba794a97e49686efb7.safeframe.googlesyndication.com
aax-dtb-cf.amazon-adsystem.com
ad.doubleclick.net
ad.turn.com
ade.googlesyndication.com
ads.travelaudience.com
ads213.adtelligent.com
adservice.google.co.uk
adservice.google.com
ampcid.google.com
api-esp-eu.piano.io
aux-log.adtelligent.com
aux-log2-sh.adtelligent.com
beacon.krxd.net
bid.g.doubleclick.net
bootstrap.adtelligent.com
c.amazon-adsystem.com
cdn.doubleverify.com
cdn.onthe.io
cm.g.doubleclick.net
connect.facebook.net
csi.gstatic.com
d.adtelligent.com
d.agkn.com
d3div1mtym39ic.cloudfront.net
d5p.de17a.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
gcdn.2mdn.net
ghb.adtelligent.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
image6.pubmatic.com
imasdk.googleapis.com
ls.hit.gemius.pl
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
pixel.adtelligent.com
player.adtcdn.com
player.adtelligent.com
player.vertamedia.com
pubads.g.doubleclick.net
r.turn.com
r3---sn-aigl6nzr.c.2mdn.net
region1.analytics.google.com
region1.google-analytics.com
rtb0.doubleverify.com
s.ad.smaato.net
s.adtelligent.com
s0.2mdn.net
script.hotjar.com
secure.adnxs.com
securepubads.g.doubleclick.net
segment.prod.bidr.io
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static-cdn.adtelligent.com
static.adtelligent.com
static.hotjar.com
stats.g.doubleclick.net
stb.ua
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-frc.doubleverify.com
tt.onthe.io
ua-content.adriver.ru
ua.hit.gemius.pl
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.stb.ua
104.18.18.126
107.151.2.114
108.138.4.10
108.157.6.231
13.226.153.39
13.248.245.213
142.250.185.162
142.250.186.66
142.250.74.198
142.93.164.210
145.239.237.56
146.59.10.80
172.217.18.98
18.66.112.107
185.64.189.115
185.80.39.216
185.86.139.102
2001:4860:4802:32::3
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
213.155.156.166
213.254.244.110
23.111.96.52
23.227.138.196
2600:9000:206f:9e00:11:1ed0:3900:21
2600:9000:223f:b200:1b:5138:8a40:93a1
2606:4700:20::681a:81b
2606:4700:20::681a:91b
2606:4700::6810:2a41
2a00:1450:4001:80b::2004
2a00:1450:4001:812::2002
2a00:1450:4001:813::200e
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2006
2a00:1450:4001:82b::2008
2a00:1450:4001:830::200a
2a00:1450:4001:830::200e
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::200e
2a00:1450:4009:1a::8
2a00:1450:400c:c00::9d
2a02:26f0:e300::5f64:924a
2a02:fa8:8806:16::1370
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a06:98c1:3120::3
2a0c:5c81:5120::2
2a0c:5c81:5139:0:baca:3aff:fe65:6d64
2a0c:5c81:5139::2
2a0c:5c81:5142::2
3.127.73.37
3.33.220.150
34.149.12.213
34.253.97.99
35.190.0.66
37.252.172.123
37.252.173.215
45.133.44.3
45.133.44.4
51.75.86.98
52.211.170.239
52.222.236.63
74.125.133.156
85.114.159.93
95.216.24.148
0036f3babb1f5df21d539a3c2b0c4efd18556febdc570073c3f0d9d79c9cc437
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
033db535d07fec060331b9fa19cede503da0b8f6dab5a2cbc0ae3226bfbb3946
034ae21739010d774ace7bbcaaf86ab1bf8c1f7af87eddb952a15345d4115154
04019e099df85779f04fbfff5dbb3bab2e2f9ab1b4c5f69486bfe6f8789f6d7e
060ce65ade5c6f4fcbcec79ec47cbdf5d258aa764c231dc0abe8f0eda435ceaf
064af7f5c0ba01235635fb0cd5a75db8743cff72484252a4cc02bca699f79987
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0836d2070d6754e9355c30c8b2c34174428c5e78e25b6668aba9d10fb7cd6d78
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0ffe1c53630f81ba753f1b06dc67b6bceec276d7c6830d6644d488379aa72ca1
102fac1a6cbf1be9b9618bb046c7d8aa7d74ba43145b0956d5b48b00deb7b4be
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12868a14f253a4b0f3adc6b2cc61ccf92d0e6970c7dd34e6eb76cf198ec4d10b
141f4ece65bc087908202669708c340e43c6a45c3d3be773e0cade65cb01e910
14891f1bf4dd7a951c6fcb56e2346135e9054dcf676f70e6e93597995b3c9c13
166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8
1680259752ac008cab4652269a11999deeb1254808ff9dfe2b73aa64baf29ceb
18e3c3ca1e5a657dc68553f36e79e42b5db706d063b825cd1a0ee121c8eef799
193860da7eac9a778b0c99d0ecd4f417ff094eb725ee0ab7d8f9ffd76bf765c9
1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3
1ae1106000210aa0c67b180cd4a00016e801cfb9692a47a0f9d2faff890c2e72
1b0831020cdd2595174b092ddec1ffe3afd2ee0e39d7e0ef512b3a4e169462ef
1b3f47c88cda76867aaf6d622b230307763d73eb759601b447b2c4deb912904f
1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2048e53cfa361aba6d82bae20ed646c236cbe5562c48c83e2220b08e878bfbad
22397b41dbe5333180c07d20dbc2d3dac3742e1e1cd2cbeb9fc3126d9a249b51
229ead6e8dbb72ffc917b0b212824ee4d6b1848d15e62c8d03c42972f5107e50
22c2df40c158cee51f81fa93f874c4bf5975dbe5dfbbac05fd4019d3de0623ca
240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5
286c2fedeb653a771a88d160428f703c35febd0518c4b2892047e76cafc23d14
295f7d993b81a1b9f86862835671d1c860ead5afbac19cc20e1b6d3214720517
2a6255d829bd2e8984ae17d53199d07ccc0145563003b137e142bf2ae4cf52ce
2a803a843e08672d32a7a99457ff0f2f5d341c99c9a8ea11600f64a67bd744e6
2b571ad715a231d403346e7b8de0d84112683ca812865c810c5d32154e05fc71
2c2c85754d9483addaf3d128e7b28516f9ec28eb01d0c8de8d9fe6e4498e1628
2c6f0c2e544b26a69e4bce070d3eab8647caf5c92770e2596c14cd28e1aa3f05
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e65f5c3b3b4c402074c19dee3d24d6bc02a8a86b19c8c992a4a6e78b254b2cd
308afd64f51015c00180fafd43298c62f42b3b1715fbac97aee962367f7a172e
30d26fb316d4e40b1bbc518fd6f379f2ce289db5ab3fc400bf9c5f59cee0d660
3124648e565e7e8061362135ae2180f9911723aff9b5669df9d068501219ab14
313c92b6eab9e17856119beb0a1790ca754193d91c1e4e2ead32b8e976cc0a95
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7
3426628bc5dc8b85b5e08daf5796879f07c5a1c92a5c3ae8c5dd9d63d29b05d6
36a61a79b7e340c3bb31a13f92e12137f69fff10a16bc1e31b04a239e70ad826
37cfdfdbf588191b362c774485974ace9fe27a06b2a6bb8d4929142be502dd9a
3bbfc1a5f89db4ea1d80b72c17542bfe74835b74bea163f67f0f50f1e28f2ff8
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3c91f8aca626f4b34be3b4711d8a1515a173d476afa3f98cd731f06e4a8be44b
3ce6272f979d5b798a797333aeabc05cefa0388c9af0ccaee9017ce26df868d4
3d0b5d14b360e6f61ffa8598c1885d937c076cd813bda8b287502bd38ae94047
3ee5379ebc71047fe98725dbd730e9b53070d91d74acb267b64bb4dd74a86792
3f3281cda8ac9907bbaed522d207ae16007514a2e5c885f6f73e6be08eb693b8
3fc8570984d18a398933d0fce769e2072219b9f4527660a36305481d392cd84f
400b356ca22f3e2283d3822a337d97c84c6c03c6ce51d79dae917a50d04f982d
405b21df23095aae7e6ed2917c68481aa2a31b934ec0f7b2b9353bba97a2a892
416211f730a5a0ff81eb5a9a80c7f22ff932478e0024a3bfd30d685019176c39
4166545c138b6f6e0cf23bc329d01690225001cff8377c2e0ad2aabf8580a943
434fc2d6d831d59b11cc58c794e2bfd14015d293a17ec7f5cec5be3717c0affc
4538828f319e439cb864a1f65e65cb64587a6cd7eefbfa32f802cd589e9d12fa
45bbe6979ad62808c4d1e86036d1b4c739d59794beed9e4c1a08d34d2fa0403c
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
480c6d422ac35b202cb5c0ff3e440a24c46c4d598282004216321f24544ae625
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4934174cd39db1f62680ac12ae44ad9aa040bd445d831ae65f79779b7f2e6e8f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cc73b8758dc4bf93d8a55296e2f811b6b911fe0add0d097b91506d76c22f8ba
4cdb93e36aee3bae06fd27784d93ef71abaaeb9c733d2cf7d0811a3060606f5a
4df4f831ed5cdb639c42779819720daea3b9850e12cafe851ea4b242ccaa166e
4f2b1e1aa3cae59c35c012927b1d76000531e779c913473d7796be41d1e9f0ad
50554cc3fcf176ac6e72c8c872cc3502dc9f52c80b5036c991ff50509c042fca
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52a2a6ba0f594e32a42dd0360abf506de58f959414560ffc0a1e552e064e68a4
54e51249021fabff65b4ca7eb728f0a56cff080a37d9b0b13d1c401d5b9e6184
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56209303500034dfb724a152276fa919e920841d3cca512837de31af28a154e4
56b3674ac0ac56ef81c317de6b385097eeed9c7f253c199e337fd73ebd9a5a94
57f3bd77b518869c090b3b9ef80a6ebc093f123255f5b962701acdb05672362a
585aabd899edffe4cffa8c055e5b0ce9394022a443ddce7aaa29eb84a3d8a198
58b903a2891db03264f729eb5ba6ebc66e6f57f747055309b44e05d39882544e
58cc61823190fe6cc648d14c521055c3801484b5d74604aaa016e97cbf926775
5c42bc39ffea9d2960aad72cc9b903cab39293fbe0a70b25bb492332b976d4fa
5ce4abf25d3930f46d0dac1b6b34c14777d59a5918d1e902ce6e61c8f8b12481
5d3e8ef8f3c731bc2f3692f5fb883abf661853be312faf3f2a248777aa59dde1
5d52216c90ca53833f8edc70ebf990116622809278d31b44b656769bce669f3c
5d58327a6607507aff0e1eb8143f4829bddfa2e932a565e9441d05c5e1d2eea7
5e97d32b2c3724497f35385a463e23d0a274b6bb9260964cb3b95dfefa2c2672
6011f5827e798bc48f43db1976aa015d84f184b43a052669e6553e44433c1eb9
6136257029a04edcf9f098ff3df9c78931a3863059bbe86cf5ca67037dcaab0a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620f78285fcec185cf13e3f850abbdd5aced51cf669f48d53fe2f36cf2df331d
63fd7a6ad56216a6e12a61d578809fba2995bf40741d17f8eaaff5220a9c9b42
644ead18c6da75abfa8bc27551918d549aec3bfcb634f285e38e01597531014c
65097e01a4225474d104521446973cdbc9e3a3f59e197993d03e9ec98b2ead6b
6588f9025ab62b3839637a993f2da2c810f4cbb35b5a01a5273baafa60d603c6
674da6b076da2b6a4e683e409b4f0ac01388f5368f7dfc60d1fcac693526a83d
6964b2c81d38d9edf5f70ff0e2d0c26f30b9b0396fb2665f82803c585c268492
6a0f6cf6b4648c192d81b5fc7b70cb2f6819ef4a799e421e8626cae9697aa85a
6a18cd1ab9e68a5c743a2c326e9c7c60acd8b7c814e9f2d18807657d9af9eea7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b9d7ff6a6daab1c98178bd718153f59e0d9cdd9c9877f983c3ccb040d2ed602
6ef86136d5a7c12ec0c6ea8ff97fead63047646efe6afa127aabd4a121ddb4bf
7167018b357886a0b6208f1d254492ca825c0db53ca7126c76993b9164adb796
72ee86c2d51bda0926be00bf9c225c4327b49495ba502bc10b051c8eb09031bb
7444ac806038f9532f7e8413411ca5c9966dd7b9d2b4832d160a47bc77b0e1cf
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977
756f645d0bd819ed6ba98d3832cbc6e84a3856cd606b57da11ad8ca542bae66c
76275b112dc76c9baffa0d9cac26d91c146609a318923664f4c7f6a2858eeb8c
794627d23fa3466c025ce236b7f95bbaea3815321b07e6d1191d5b4754f63285
794b0b683ba559335241b5fe0f7dbbb3b9e9746c6828737ebc5ad8f18f722dd5
7c4dcab706e6bf67c64df89d3f5e137cb19efa293771613f511aff1ad563a6df
7d0a7bd4544e11f2da3687c284086a7c4c3e5e4eb5ae3d60cfa4fa575e20dc72
7e24c863fadbd7f488b3fee007eda7afa435d1944acbfe8d895df73b8fa198d1
7ec98508fc4bfa81859dff02cc72715686f0e10a0bfcceb72d3a9f43551f95e1
7f95bfd4f0b3e7cc64a5a5dd2737e5990ff07779bbf1abc3aced4a1dc1144955
8033f8c3eb76868a0c94f71d65b0f2b4d58db51eff7a36e0497f0f450c6a9632
8175e1539bf271169eb0dfd0de3141d41a19addb344da7308800ae68be3fd7db
81f6244e1c6aca49abdb506bb5fc8c591483fcc8b7a897e94e862856b8c514e7
829faafbb39055b06c83f4b6b208d52dc50e0119499f827d573888f5846d3a15
82a13d78d84bef8c4d761d0d619cbda472dc600f34390bb990fbc2afaf580077
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86734c520bde4e65fb53c83d1bb74e41e30bee003caad015dbe5817557b2a2ee
8817fd7b4795e9f345af1a6ee1ecc5dc6b04a4f35f66e5542e75cba65b0f9735
8832369100c7e33bc9a05f1d014ad28858fb325ff1d2a2bee1764ce5f84f940e
8b934f3213c33c849410d6edf4fa6f85f970839503d462d94413bd8c15a2e106
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e01fd8c8326e8bee7dc6d9cd25bda8cbad3e225989c1492f169e8e949fd3aad
8ec28ecc264ed505f506b9e3ca44a2f680be2d3e386b94aee0153549a89ecddb
9015799c23516f82b01bf66c82d801c174581c9a2ee3ee9059b8f26d9e4a07bc
90ffe9c3c7fc061d72993059a62d15675b509f98a1da6dd20794d067bf482b81
911e6319820663653b10065bbc70300629e87ec7ce6e2ee96ded994d48b2ea97
916ac6ed805a3b0bc053064a739037a1137ef6ada0f9f05793a045399b4b0e78
91b9b6944449cdf72d9618dcbdd90cfadc80e3d18c02185e98ebcb6e25fde5d1
928a76b71f65918078b6fb9ec10e72c5ec0b6d765a31d3674b22fb969fa7d6d5
92e0abfdfac8c99022c2a203091a1bdd43a4ef20895308d90b55e0a2391fe503
947075e4c1ceb25016e75bfd26c3dde0679fb91edde374c9f516796ac03946b1
94ae8e248d081ccb4096fb784379fac2dc61da4bba62eee5d920b5c89a142215
94bd893fe46968fcc602c8f66bd0d2ea9ac76c088838a59c359c4b9ffb6eaf4e
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
96f087922f32e82fb25fbf87070e7d0c7b67442807c7c319581373b49684e5e6
972babe3c9374daa3aca7cc88e204de9491981aa68ced699f21234acf2c70bbf
97a843394d321d07d9b603a40c0eff9ce38d9e058ac8b88617095bf8624712bf
984878b4ed891c1b5aed3680d0d4d2297f8a4bba2710e7856b007dcdb22d5984
9852b0957e2d0919164ef70d15ad02c2285f34cc638e4cba5e8e8971f8daf540
98e053ad3e6a8e5dabd58508be431eb47dab36474171b263f915fe33b8172b6f
990e6a060e5152542f2f20c1520551cf0120ecef9131fbdd8bed5c7c3559375c
9916250aee441bea2e0f4ed6c4b17cbf8640658080e96ae67485f29f506ff559
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b96ce677505304fada4c1a48a216635f50dc3c6cf52a64ea8c6be33b5578f21
9e10a37c048bdeea121c77061f436f42742bdfdba40148a95acb551f950afba1
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0084043f26a51ea743463b4a653e4850cbaae0868832e4471a199f753fc6b27
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4a7f41643695f7bf4fe98eee93638ec73996c5014c9bc4770cfa8278b787030
a760b7dd182bf1a299fcba074411fdc888772bdc240404363d5c82a5b3b7eea4
a85a208718a44e08d088f27a1bb8f29dbb786f54488c1c712bdb70116055a0de
a88b4530e4d70a0484c19cf867da53b8c82079615ce2162a38a003e920508220
aceddab3a848e5d836b7361dbb6014c79aabfea99b6dc7413ebe3e523775bc51
b0e8d1ea6c7c69bb12c7b123ce18bb645b8bd604fb95d546c2aab02688173af4
b10c7f8dd0a6179b00b1154fdbcda4e62c3bf46f7a9dd72dc078f4f5b64af17e
b11ef585be993e093c615916bc711fe48c27e0df2ff616306b11bb79e8e4e886
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b417a20e23f64ffbc4c0416c1279e0428d8120a16754c5061169fad23359e878
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b817795deaea76c168002bc53b720c6a8c05370f66e10ddc9bc301301acda4db
bb629e74741734f357fcc6f4b04d7479f04be72e6622305aded71cc872edacca
bc18688b4de69a2c2136442b7eb698a8ed4333955add58326223f81a4c47854c
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd5ffb3d4240e9e78023fbe129530c51392269cdc2635962482bdbd0e09dd73c
bd7ffc44623e234f17f71c59e0aec33142139235b8525aa8e96be6a81791184f
bd8b521307332fcb0a59ff2cbfe324322d6f4108b24363b6c8d26a0ec8be50da
c090eaf120afb069e7200432e2dabebf7fb9e3a6bf8fea3a8a39caefc1d8f7d7
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c2da1bde386dc1e71e6f0cf3ddcce6650ba703109c5194f52c991f48755ad806
c356d958d8e772a1a565f37b5063664c51a3e72c085a2d61bbef24c0cb69e563
c3a015f250093ba41c36da57625051930eada74b0bb8d61b7e0c6fef36952317
c3b40212eaba789e079fba2196228d96494e205478aae8a95334c8ea30c2936c
c63b1e9738dddc068bc1a26a416e1c4cc095b48e5cf3af490dddb71710c728cc
c69d0f4e1ee186a63b269350cc641711fcf7e5b0018e6f5e616a4874d7420367
c6bc59f44e24e22caa74b10ed80241a95067ac087249eaa2d06d4319d6b5fbbf
c89d926f01b28e431fdf4d7ba7c5b5e3ed2562abc93321f37e4306a642bee72e
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca88bf3e3a0613bf91ea9ed896fe980871bbff340e266126cabfd028a0b20c67
ce3006eed788c7f70d96e5bd0a27dfe782fcc298506f8476d8f9a8af49ac583d
ce487a64fbd92ab717241ae535b45a8bc008ac7db0fcc43f4033c4086344bd27
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d03a53eee134de9274bef3133ff3eb0dd0f4117ef576dc15987d8875612cb696
d07535fe4e625a2a5473b4ec8c123624620cf02dcd4b94d96fae9623e5804323
d0bb48c45ce522c83ed939c118b1fe445795a19c3390efd567a7636da59f30e4
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d2437ddf45aa84303d14cc4569941c1ae58e8accca92216349c1332794015c6f
d27b659c0756b28928dbf7c441e0e4257bfed808d79d0b15f1d6edc9d86676b4
d3f57bf45ca84ae5bca8c00862e8a5a421412bb13a4e259f4e809a2d5bc7cdf9
d4fa8cc844f186aec66ba1150a7b4d2101f0f0682a47869e0025334aa44d4095
d648805197f70b2456d14c63ffc03255e65753c7133c93e8d3a34e52c21c1547
d756659afc46966f0cc598df2edf870eeb2687a8d5db64a65602362a1e6712dd
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d7b4083b6d1c5cc7059067c7ab7ce0530362990233de9626274a4f7e573025d8
d827e28626fd587757ec767f4dc472b690c332a47122535f14489517fd9a236d
d9c2407a5e5f4ee58354ef3ec8527cf4b672a5edb7dbea8ba117927791e4e9e7
db3210e947e41629be5e5fca80add11de3aa48c4b51c0256a59232cb890d3f75
dbba9e088648664db0cd97b03d19b2b37ad877ad60838403c3f7a8ae20dd54d5
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddd61ecebf36941bd6d1aa20ca07868d826fd9eb6f3a5e660e0afbb703ae6793
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de475b96fe110fff82ca419b05b3c199dffdc545f383175083190c490e147bdd
de66bece00078f3a129cebae471baa0c323cf63c5c9f1804455d57c9f111a16f
e041bb55df16e7ea6cbac9bae47a341e087174c74ce8a33e6c1e7088550f137d
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e1bf55236532b110e5bdeb7d10e0ba651bf46b46700e1d18ecfe78d56d8ee166
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49eda70796659f5244e19547eda5d360bb1d19e8aaa81b84a482388fde271a0
e50552a2245a3fa622e703b9c6a22adaef8bcef4a33192684b88c698fa5ba9c4
e7c0b83abf36888a3fb856a3c1789871d38206fd07165b628d6ed01ba1b88681
e7cfcba1181eb95f839af4897ae81678b414bc7d2b9955af8acbbd1b1e94154b
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
edd8b7df403685cfcd18add9c8493bbe4cef4ecee42bc827e3e9b6401a4a09cf
edef2c013c0d422caa829a837df925dd680b146ba9a181f2798a23bc30b17ca8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1904a820a1f4b161f319ff251a5b500ea177e6aaf15811e5ba06e4683083f20
f28565927fdfc6b19aa587b954c6d1cd06428a51d583bc055cd4f5cf966ac2bb
f49942526f479f7ae5d6556284ca1c14ec8a20c2dde216cc25c2f2b0f1f3b66d
f5d76c4350fd6291d9fb0a40923248d7cddaa6ad0ac1cdcb21cabe27b2d0b080
f647b8ca08ed8cb859560c6750c5157e7bd7ed7d83d374162bbe90609e5fa556
f7d848e954293a192fae29cbbbdf604433ec3e0486c65254218225b883948a69
f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143
ff6db6c1dd0910b5619dafb5284abf59aa7bb8c6d3d0122c1ba5983cddaaa2a3

www.stb.ua Open in urlscan Pro 2606:4700:20::681a:91b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

374 Requests

94 %HTTPS

49 %IPv6

40 Domains

79 Subdomains

61 IPs

13 Countries

10602 kBTransfer

18003 kBSize

58 Cookies

12 Outgoing links

Page URL History

Redirected requests

374 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 20 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.stb.ua Open in urlscan Pro
2606:4700:20::681a:91b Public Scan

Screenshot
Live screenshot

Full Image

374
Requests

94 %
HTTPS

49 %
IPv6

40
Domains

79
Subdomains

61
IPs

13
Countries

10602 kB
Transfer

18003 kB
Size

58
Cookies

374 HTTP transactions
20 data transactions