Submitted URL: http://gumoreska.in.ua/
Effective URL: https://gumoreska.in.ua/
Submission: On December 11 via api from GB — Scanned from GB

Summary

This website contacted 32 IPs in 7 countries across 22 domains to perform 148 HTTP transactions. The main IP is 77.83.100.33, located in Warsaw, Poland and belongs to ATMAN-OFFICE-INTERNET-AS ATMAN, PL. The main domain is gumoreska.in.ua.
TLS certificate: Issued by Certum Domain Validation CA SHA2 on April 17th 2022. Valid for: a year.
This is the only time gumoreska.in.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 14 77.83.100.33 24723 (ATMAN-OFF...)
4 4 2400:52e0:1e0... 200325 (BUNNYCDN)
22 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
33 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 74.125.133.157 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:401... 15169 (GOOGLE)
3 142.250.186.66 15169 (GOOGLE)
1 142.250.186.34 15169 (GOOGLE)
6 2a02:26f0:170... 20940 (AKAMAI-ASN1)
3 10 216.58.212.162 15169 (GOOGLE)
3 5 185.80.39.216 27381 (CASALE-MEDIA)
2 3 185.89.210.46 29990 (ASN-APPNEX)
3 34.149.12.213 15169 (GOOGLE)
1 104.109.57.2 16625 (AKAMAI-AS)
2 2 3.68.131.166 16509 (AMAZON-02)
1 34.96.105.8 396982 (GOOGLE-CL...)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
1 35.186.253.211 15169 (GOOGLE)
1 1 2600:9000:205... 16509 (AMAZON-02)
2 2 3.126.56.137 16509 (AMAZON-02)
1 1 185.89.211.116 29990 (ASN-APPNEX)
4 184.30.20.47 16625 (AKAMAI-AS)
148 32
Apex Domain
Subdomains
Transfer
58 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 103
tpc.googlesyndication.com — Cisco Umbrella Rank: 139
ade.googlesyndication.com — Cisco Umbrella Rank: 270
559 KB
30 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
stats.g.doubleclick.net — Cisco Umbrella Rank: 81
bid.g.doubleclick.net — Cisco Umbrella Rank: 701
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 297
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
160 KB
14 gumoreska.in.ua
gumoreska.in.ua
667 KB
9 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 429
rtb0.doubleverify.com — Cisco Umbrella Rank: 664
tps.doubleverify.com — Cisco Umbrella Rank: 454
242 KB
7 gstatic.com
www.gstatic.com
csi.gstatic.com
fonts.gstatic.com
68 KB
6 google.com
adservice.google.com — Cisco Umbrella Rank: 72
mts0.google.com — Cisco Umbrella Rank: 4304
www.google.com — Cisco Umbrella Rank: 2
2 KB
5 flashtalking.com
servedby.flashtalking.com — Cisco Umbrella Rank: 765
cdn.flashtalking.com — Cisco Umbrella Rank: 1064
secure.flashtalking.com — Cisco Umbrella Rank: 1808
48 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 507
4 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
imasdk.googleapis.com — Cisco Umbrella Rank: 416
137 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 218
secure.adnxs.com — Cisco Umbrella Rank: 430
4 KB
4 shortpixel.ai
sp-ao.shortpixel.ai — Cisco Umbrella Rank: 19856
3 KB
3 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 418
ups.analytics.yahoo.com — Cisco Umbrella Rank: 287
1 KB
3 2mdn.net
gcdn.2mdn.net — Cisco Umbrella Rank: 944
r3---sn-aigzrn76.c.2mdn.net — Cisco Umbrella Rank: 348844
2 MB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 192
141 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 28
region1.google-analytics.com — Cisco Umbrella Rank: 3983
20 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47
166 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 718
2 KB
2 google.co.uk
adservice.google.co.uk — Cisco Umbrella Rank: 7344
914 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 677
443 B
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1545
350 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1918
173 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 840
698 B
148 22
Domain Requested by
33 tpc.googlesyndication.com googleads.g.doubleclick.net
gumoreska.in.ua
tpc.googlesyndication.com
imasdk.googleapis.com
pagead2.googlesyndication.com
22 pagead2.googlesyndication.com gumoreska.in.ua
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
17 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
gumoreska.in.ua
14 gumoreska.in.ua 1 redirects gumoreska.in.ua
10 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
6 cdn.doubleverify.com googleads.g.doubleclick.net
cdn.doubleverify.com
gumoreska.in.ua
cdn.flashtalking.com
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
4 sp-ao.shortpixel.ai 4 redirects
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 ade.googlesyndication.com
3 www.google.com 1 redirects tpc.googlesyndication.com
googleads.g.doubleclick.net
3 fonts.gstatic.com fonts.googleapis.com
3 csi.gstatic.com imasdk.googleapis.com
3 www.googletagservices.com googleads.g.doubleclick.net
gumoreska.in.ua
3 fonts.googleapis.com gumoreska.in.ua
googleads.g.doubleclick.net
3 www.googletagmanager.com gumoreska.in.ua
www.googletagmanager.com
2 secure.flashtalking.com googleads.g.doubleclick.net
2 cdn.flashtalking.com servedby.flashtalking.com
googleads.g.doubleclick.net
2 tps.doubleverify.com cdn.doubleverify.com
2 ups.analytics.yahoo.com 2 redirects
2 pm.w55c.net 2 redirects
2 r3---sn-aigzrn76.c.2mdn.net googleads.g.doubleclick.net
2 imasdk.googleapis.com googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.co.uk pagead2.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 secure.adnxs.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 rtb.openx.net googleads.g.doubleclick.net
1 pr-bh.ybp.yahoo.com 1 redirects
1 tr.blismedia.com googleads.g.doubleclick.net
1 servedby.flashtalking.com googleads.g.doubleclick.net
1 rtb0.doubleverify.com cdn.doubleverify.com
1 googleads4.g.doubleclick.net
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 www.gstatic.com googleads.g.doubleclick.net
1 mts0.google.com googleads.g.doubleclick.net
1 stats.g.doubleclick.net www.google-analytics.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 region1.google-analytics.com www.googletagmanager.com
148 41

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
pinterest.com
telegram.me
api.whatsapp.com
www.pinterest.com
Subject Issuer Validity Valid
gumoreska.in.ua
Certum Domain Validation CA SHA2
2022-04-17 -
2023-04-17
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-11-07 -
2023-01-30
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-11-07 -
2023-01-30
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-11-07 -
2023-01-30
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2022-11-07 -
2023-01-30
3 months crt.sh
*.google.co.uk
GTS CA 1C3
2022-11-07 -
2023-01-30
3 months crt.sh
*.google.com
GTS CA 1C3
2022-11-07 -
2023-01-30
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-11-07 -
2023-01-30
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-11-07 -
2023-01-30
3 months crt.sh
*.c.docs.google.com
GTS CA 1C3
2022-11-29 -
2023-02-07
2 months crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1
2022-07-05 -
2023-07-07
a year crt.sh
servedby.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1
2022-11-11 -
2023-11-12
a year crt.sh
tr.blismedia.com
GTS CA 1D4
2022-10-16 -
2023-01-14
3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2
2022-09-28 -
2023-10-30
a year crt.sh
cdn.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1
2022-05-20 -
2023-05-20
a year crt.sh

This page contains 21 frames:

Primary Page: https://gumoreska.in.ua/
Frame ID: 6EFBB08F78A065816CA7FA2C23B29998
Requests: 32 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20190131/zrt_lookup.html
Frame ID: 48D998B7B162D4A4CCAF00FD0830970A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&adk=1812271804&adf=3025194257&lmt=1670407375&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fgumoreska.in.ua%2F&ea=0&pra=5&wgl=1&easpi=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=1000&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&aspe=1&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716516&bpp=4&bdt=363&idt=429&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=527269080874&frm=20&pv=2&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=450
Frame ID: 7BF761C8CBF8CF9FE44923420FB0C88B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=6877447544&adk=1253207218&adf=4175459245&pi=t.ma~as.6877447544&w=1160&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=1160x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716520&bpp=2&bdt=367&idt=450&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jGbQQPIw0v&p=https%3A//gumoreska.in.ua&dtd=455
Frame ID: 2AAC4ED6DB93D960AFBE201C9ED9E47A
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=9796530553&adk=293745757&adf=3400386631&pi=t.ma~as.9796530553&w=808&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716522&bpp=1&bdt=369&idt=462&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1032&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=MBeycXXWpP&p=https%3A//gumoreska.in.ua&dtd=466
Frame ID: 49711B92755711CFB68BFD600CAF7FE5
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3753362141&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716524&bpp=1&bdt=371&idt=481&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=r5sPA5MP8q&p=https%3A//gumoreska.in.ua&dtd=485
Frame ID: 1E216CC104C0DF88340A0B527186E494
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
Frame ID: DBDEC93D4A4F5FE7A67464610AD7109F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6902432306638646250/index.html
Frame ID: 86A827C6611EE1185FA1CB08B8782DD0
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C8hOu5aWVY82WCbb6xtYP5vyVsAaU8bTlbdLAztHaEO_ior3AARABIKWvh29gu4aAgNAKoAH54IryKMgBCakCmpJZifmusT6oAwHIA0iqBMwBT9BI0XXb_XTo97_0eYElXf9n594pw2gZmPzgTQWCyQ_7in1YTij3eokIQ7iOhgsX3LDOor8R9-SWsWtx4YdFG6ySLdaXfb1k3kaJj6eN-CYU47_RG-B3mkbuMwNlvwccJeuu0f6os6aUSLBPHxjRiCWJoSbCu-Z10_TJY0qznWXNQ6sZ8Z_08RejYjXVOkgzNWt3YhfLpf5dcwWhX85ghjZaz3ruB9DiS3chynRlSosMacaT93YIyMTmcrpvmWh-Zoa4engNoQlduzGZwAT6jonWngSSBQQIBBgBkgUECAUYBKAGLoAH-Zjb0QOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCQ0APSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTCogUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi05NzM1ODQ4OTE0MjE5MjU4GAA&sigh=ICxdylkvCq8&uach_m=[UACH]&cid=CAQSGwDq26N9Te4rM7-V9J4vCk0GYYWbhqFJD9T3ZBgBIBM&template_id=419
Frame ID: 5FE3BB16A5F34B23CA7CF7D6C25F206B
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8147AFA960D706802322798FB469F36D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Frame ID: 0088E799A61C13E9B7C70C53902FE560
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 98E9868C5FB4D9F3FDE45627706D19AA
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3753362141&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716524&bpp=1&bdt=371&idt=481&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=r5sPA5MP8q&p=https%3A//gumoreska.in.ua&dtd=485
Frame ID: 81FBF0F87C634AC1B3DB2F4136F44D37
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 90A073D078F3D62FBBEEF328E8EEBE0F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 399DDA406F47B54FD44EF1D4E8272BA6
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIY9arexgEwAQ&v=APEucNUPeMKuqjgGQahjbFdAkknN9j5DFDj_cyzMyp2WrDMlg83cs3Z1pxzuFJQxKOIAcFEAtJy1MHs5q6fqCrfVhchtoslLLisk6A5kCtLb4dMZdUl4QJ43OVBrsByZDlVY3YAjxLIAMs1Odxc8-yqpet0MykWtSL_M_wYYV88mdFfSlb1qHmI
Frame ID: 3464F34511B00CEA6CC54C75808EA0D7
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AD3G-7jd1D5EMiRy4ZqJbdQsbMyR30Dsi7coNSWJzg6TQZHdP7NX8CVwv1Pxx6fspzKp3e2Sj_cp9P4AwCCN6P1ebnK7_7q7dhc-a1s7yCA6_so-xnrfKfYproXHfgWYnQNZ-LDIMwIAo8ds6_Xm2INCEdhyjThRyhKpWEfzLPJSHOVhU&cry=1&dbm_d=AKAmf-ByHr48I0ZzLmGaDg_mFYH_HgPFyeJP9BjnZ3VQKI6X74mynTf3XOFj2LQiSNT5TiXGrKsTz07ITexqvfKuenyCKkDkJ69aDhHj40joFsE8hzgDAl13nsFbJ5EaQVUHgLwVLuDxSR9x-ns2FyJ_dRz2SZPREIeGiq3hL4SeZ7ISZI09HaJofQajU9qu1rOY9vp8Y_y0xmg6NKncnsBh9EyZxmT9zEoDtgctNWj4Sxu_kz6y6eBqfw16wZc9fXo6s1GpclOAVbInkayg9fl7Q_f2LCpppUkg8hz4MMgiaM1Mmh_TXcygzOV9epba2AOxW7RAJjKhy155VTXooocgowTdSR0pOWrU3Y4jMjlLPHtnZvI0bN0fnNMJCJRTNup0pyt3KMteH-WQ8RKewk7eDl1YcdE22W_UshE4T5S6sjeoRG7vt5gIw7C0Zwu1Y3YziLctN8ryHAn3PwIal8xXec2VPWMcLqbykKAgs9_0che1UyaFbM8Xo4IhRRYwXoFL70LmG9k8bVfVECLT2ZN4mgX74FuyfiE_Cwmb38Rdh2xzj_6mRNuQgZ4o8xdVeKS6ElA4U8_LMcaW-Wd8Gs9YsKgyQYZxP5UDJjGLDw5m2vsN_7-bcMY-OLK8nc127W3VDw7iSwmycGCxhvkVdeU0dFj6BsbHr8YRu86TiQcAJIGb6E-K81HK65P0jCD-t_Q_1dlYpiYYW2p6VwrwBxhogk5g4zJSIyElpgZWmqU8A_5Jvi3N60XlXgp46jO0Z9gCf4g94Ve1YSMXRWWIlmXm0859XbN7lflRIE-Kp5K71drkgo2KKwASQ3iRVJitbDtX4v7gP8RxFGCbiRFtquETNDfo8lPWGVbza4YAXca4sIpfFg8Rcagi0ffsyBiemOda6wwhGRzXakZDDW5pPW5fLHbYwVm7qGXM_iqGeZVaXD-m9vP8kqC00L93JQmhGM0PDphHx2TAMHCIRgeEgub3PvRVCCKCjmB6HxZAKdar2syBRePTEfztFoFBUzjVzoV-eA1_-mUubxB6koa7a5SPZKtho-vsGF_ffR--JgsOR3OUHI5Kvmkap5hbjR4-U0mhEbQtasKGrxJUzcTXkpTTqGSNMnNJdpEumcCwXmmYZfKSjEsN-R4_Tq527Iohn7vRZIqa0QUSVIsdTn_2VGIX3Tth02y8pl5mqhwnczXNWu7IA_vSsEBXUYcxvPHYibfzst4GOOYHsAjK8q5D6UIo-QgZbwa3N8lYKP-7EY3SdXHwzhBRMu4jsDbMpgFh5FTK5_hZHsbXaDAVl7D2_vvCv1lX_xnjNIqzcpEC0o7tDkLPReFNbD8asqiH0OaekiRgUIpuUzbEkiExy0Eih7ANyGnHbVp46END-GeyYVZn8b3_896juiRclU0ABqVKCQ23a2-qfPIYUwlo-D1ohYXpmFHKzFKMXXzxeNK9toVc3G5zKqkzZuPyq05c-AgMzdQvKBHO44cyP7ekHDm7yVj5A5knHFNio1TSu-FCrel7-MxnZIPIxJ9--pATPZYTFnsCXqfUVVLt-5odDEPizeQDJAO69v2CcUyZP5sTPqiQtfFLGSxRW9bqPb2JUIaX-ndkwWn7o2sP8v3IpPET8AIdWon1aU1GASA1ZV2-S7WsGW2ydei6cXkD-aVQkiJdkpK18krRGX7WoDVH-pN99m0WyeYVCxGysOZ54vSyusBUOv38aiMT5EH1yiGkcKICaNhPaHWPjnP-sAH9zH7jEZkcoTliYO4pqgm0PqFSbEWpP3B0gGZ2QFyv_lTKh_ChLKvO6GUyYGS1oYDjEXUZTW1R0f8_RdVt7vCOBxGs4Ab3qpFM9PSbFBkfQ_xP9HUYBC5TQkSOqDhvmR7VBgaEBZPygj078u_noCbaoITkRST67QSJCOqaIDSpPJuww9vZVeINEKphTL2gQK2hTDkGq5hRa6yUiFpKnTIYxZuk6Ice5TAEHx9pqQbQN8RgonqLQwZErwv2nDDp_07pwyk11jBJ6CBIV-HZXY_lp1L4FvkIbzHm-hfe6Cj7eDdVA61uk4kmjVIh9_ILZ5eGTIuJJKoG2ZNrEzN8A1Mz1xao2JaVaBnrPei1REh-rrmV5nFrjxZ4WQ6GMoIYwP1vLjsYBeyy70SKPcGfP9Lj9pPESZ23fDm2e2HYg7X0DbW89NOIFKHkdfBGfBHmJy5ykup6-gUnWS8nrus7GG_3ieMNc7Ydti98w3OLzBdgtAtK1VSMR0ggUZCa8eqeGQ7kxlPevhGMZfuX-AuY1LaeFzhQ7tLXy81QTHFtQbZkX3HMul97vV3l-tw_qR_7SH6tm8_ci_9SNErlaB9uHvyOEj6x-SawJFd2bgwRVUvqwukFUkhWYFL-4fldaEpGA5_yMY03DdgWpN3muE1WUpvKEgKj6URBQiMKyU458mKrgwnLEoraueU0lOBEcQCg7ikkRq4RhJs7dGAHTRhU13U1y_QjTU-E_DLI6PXXxPSBWRkVDtRn4kSUbwtZv8w7Wya2cUyvuUhXIhF0gyYHh_q8YpvuFKd9VoGYxeHTIom808HS5glO8pKPYJdSmZh-uzk36HOlIjAmvemOnulvJZXF1yEDdHbeu7WWyEeme18ffiKRj50iE4eO3a7T6bT15Bgi_M9aRrqrqgTkgPGSgO_6PDeYCQC9k3g9xrMikrlr1QkVSMyB_TSFweclK_AaKJTAumlFDv6juBdGptUmpyZZe8I5YunuMh3sqIWcHbfQMJgnRBA8YLEylIPq_J9htU6QB6YQPBkvz5hwLRwkpF8QoN69vgIV6yRE7852vBFCGvUU6w_VseJBiepRPVHd4Ts45bH9ehjKWr1-kXJI4KW4raflfHWPiWHjw-dz4YeWstmx4vospnDckjaCJvvbUI6ykt2Rp4voIyMIJC0KB7XtLxuWv2vZb3HwvVhO6HZjKclZAX6I4JZdwUWunWDQY5uTsjSBEwk21fyDWj-YZ-ShdyUEW74rO7NA3NUpY2pvPK44M85ZisFUDeIqmuauvoAnMxfZ0VGFTLGz-GMAOMxH9DND1EkzJpfbG9JhR1RFrkYOo5euDUbQ993rTXfbIrt0irUA57Qipv_paRe3zY2V5aSq_HcG5ptc8J5vDDCWVEod4YJFpZyaVUmsrEAOT8kg501oHW3TIKnhuwa1DIkf4cRtrQTN7-1YYz7q1qnZVtK0iOAlGVwi5LCNcL2kqOzGL60a9ilsRtIitIpgghihfeLW1mHxvtA-dFJNkV5xOe9gozaFJxTx4eQWOmW3Ma_iVQnt3kXjB1qNezv4wkwOhQR7_runoFwBrMZNxlsfJSkvlxdQGhgO2GcGlHdwG0MI3d8k-PmmmNwA1rAUZTb-EEQAJUHj1DGp3HIhI_Q&cid=CAQSKQDq26N9THkDx_iAb2xzKEToZe_7o6BFxTWQzc2blsPdY-ZAVFDDjjivGAEgEw&rfl=2%2Chttps%253A%252F%252Fgumoreska.in.ua%252F%240
Frame ID: 50352BDDEAD88848FA7603564617DD66
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 740226B8A29C1E2B7189FD2CFE896747
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3317.js
Frame ID: FEEABF2AF0EE3FBC57F2D4F2BF4A63FD
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2848CC8E31F58BAF0E123975023DFD4B
Requests: 9 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3317.js
Frame ID: D8CAECB02C714485F59B9C8494A20CEF
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Онлайн бібліотека Gumoreska

Page URL History Show full URLs

  1. http://gumoreska.in.ua/ HTTP 301
    https://gumoreska.in.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Page Statistics

148
Requests

91 %
HTTPS

61 %
IPv6

22
Domains

41
Subdomains

32
IPs

7
Countries

4342 kB
Transfer

8056 kB
Size

20
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://gumoreska.in.ua/ HTTP 301
    https://gumoreska.in.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_165/https://gumoreska.in.ua/wp-content/uploads/2022/08/logo-g-165.png HTTP 302
  • https://gumoreska.in.ua/wp-content/uploads/2022/08/logo-g-165.png
Request Chain 3
  • https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_525,h_350/https://gumoreska.in.ua/wp-content/uploads/2022/12/tosty-na-den-narodzhennya-na-ukrayinskij-movi-slide.png HTTP 302
  • https://gumoreska.in.ua/wp-content/uploads/2022/12/tosty-na-den-narodzhennya-na-ukrayinskij-movi-slide.png
Request Chain 5
  • https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_525,h_350/https://gumoreska.in.ua/wp-content/uploads/2022/11/pryvitannya-z-vesillyam-ukrayinskoyu-slide.png HTTP 302
  • https://gumoreska.in.ua/wp-content/uploads/2022/11/pryvitannya-z-vesillyam-ukrayinskoyu-slide.png
Request Chain 12
  • https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_525,h_350/https://gumoreska.in.ua/wp-content/uploads/2022/09/kartynky-pryvitannya-z-dnem-narodzhennya-slide.jpg HTTP 302
  • https://gumoreska.in.ua/wp-content/uploads/2022/09/kartynky-pryvitannya-z-dnem-narodzhennya-slide.jpg
Request Chain 80
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 83
  • https://gcdn.2mdn.net/videoplayback/id/e9427f52eaa3a765/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1702287718/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/BBB52A707C7B7A6CE975212AFC1E6A539ECE4C22.574715BCEDC06EDF160F7220BC365D6A9F6A79E2/key/ck2/file/file.mp4 HTTP 302
  • https://r3---sn-aigzrn76.c.2mdn.net/videoplayback/id/e9427f52eaa3a765/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1702287718/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/17DB920C1C9981D842E3BFBC5E75CF10916926F8.81F48511FC45867B914CFBB291A4B0F102F4D9FD/key/cms1/cms_redirect/yes/mh/u2/mip/2001:ac8:21:e::10/mm/42/mn/sn-aigzrn76/ms/onc/mt/1670751414/mv/m/mvi/3/pl/48/file/file.mp4
Request Chain 117
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENSw9qgptZqV8a0bXUw60O8&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENSw9qgptZqV8a0bXUw60O8&google_cver=1&C=1
Request Chain 118
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y5Wl550zd.7.cHCWwwuXyQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENSw9qgptZqV8a0bXUw60O8&google_cver=1&google_hm=2
Request Chain 119
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIW1yYrEXQddOt3bMDY6Xb4&google_cver=1
Request Chain 120
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTg0NTk3Njc1MjU1MzAwNzU5MA%3D%3D
Request Chain 134
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBZXNS-3OBfrc1ANMu8cnnk&google_cver=1&google_push=ASkJ3FbJda8O0PmgmCFrrWLf4KhVgEjEnn0oLvm6P48jtVHJxm2b_jH4c2SekCtYpIFJEzgzOVLoh5PHYXarVuyaQlZNuZW-goC12N8 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBZXNS-3OBfrc1ANMu8cnnk&google_cver=1&google_push=ASkJ3FbJda8O0PmgmCFrrWLf4KhVgEjEnn0oLvm6P48jtVHJxm2b_jH4c2SekCtYpIFJEzgzOVLoh5PHYXarVuyaQlZNuZW-goC12N8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MkFQdXh3eG4xUDRpUW41&google_gid=CAESEBZXNS-3OBfrc1ANMu8cnnk&google_cver=1&google_push=ASkJ3FbJda8O0PmgmCFrrWLf4KhVgEjEnn0oLvm6P48jtVHJxm2b_jH4c2SekCtYpIFJEzgzOVLoh5PHYXarVuyaQlZNuZW-goC12N8
Request Chain 136
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHmZ1l1Ed0PbgKjQLkzg2lE&google_cver=1&google_push=ASkJ3FaFQoRuWQ3bhatPBZz0aK9NmQhIEcMGGyXXxrJyRcxQyjzc-S8qY03PolEO0r5UjdVaObmVJMHDUZoTKnIRue8WmPw5Z2KP5g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FaFQoRuWQ3bhatPBZz0aK9NmQhIEcMGGyXXxrJyRcxQyjzc-S8qY03PolEO0r5UjdVaObmVJMHDUZoTKnIRue8WmPw5Z2KP5g&google_hm=eS1Ed0hLY3B4RTJwSGxPaGZLVFhFVTZNdnFSaDRZRnBHY35B
Request Chain 138
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEF1SssA107AO3K0osQLuWKk&google_cver=1&google_push=ASkJ3FbuuHXl--NEgw8x9B_XD9LpzLQg-z-JJ1eJQeQGfiX2nRUnLnch-0F6OMVcwigZ9nH-FM_AnC70N-OcdR1fyiMQwfWq1tibuIQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ASkJ3FbuuHXl--NEgw8x9B_XD9LpzLQg-z-JJ1eJQeQGfiX2nRUnLnch-0F6OMVcwigZ9nH-FM_AnC70N-OcdR1fyiMQwfWq1tibuIQ
Request Chain 139
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENslV8JMoezOcbscjayz7Dk&google_cver=1&google_push=ASkJ3FYAUQzNUoHyyrB5bvdU6qWY0ePqRV35r8VYZ86nbI-HpbTAPtMqeSeNuVZr7kdIZtFxuApB5hHaQ4hGba2f9p94ZFiF_LVxFTws HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENslV8JMoezOcbscjayz7Dk&google_cver=1&google_push=ASkJ3FYAUQzNUoHyyrB5bvdU6qWY0ePqRV35r8VYZ86nbI-HpbTAPtMqeSeNuVZr7kdIZtFxuApB5hHaQ4hGba2f9p94ZFiF_LVxFTws&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1mcVk3T0pkRTJ1SFpXY3pvN09wS1B0NHB4WVk2OXNkWX5B&google_push=ASkJ3FYAUQzNUoHyyrB5bvdU6qWY0ePqRV35r8VYZ86nbI-HpbTAPtMqeSeNuVZr7kdIZtFxuApB5hHaQ4hGba2f9p94ZFiF_LVxFTws
Request Chain 140
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEAKOMoZ7ZZ4IMyKv6LqzaRE&google_cver=1&google_push=ASkJ3FY4B1jXWEirm48UJY0iW0fiob0ep74W35cyLZ9L77CHkB7qaUyJMflmxJaSODnokL0rdAaavRssOCgfMoPloWWGX5J491pfiMoP HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTg0NTk3Njc1MjU1MzAwNzU5MA%3D%3D&google_gid=CAESEAKOMoZ7ZZ4IMyKv6LqzaRE&google_cver=1&google_push=ASkJ3FY4B1jXWEirm48UJY0iW0fiob0ep74W35cyLZ9L77CHkB7qaUyJMflmxJaSODnokL0rdAaavRssOCgfMoPloWWGX5J491pfiMoP

148 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
gumoreska.in.ua/
Redirect Chain
  • http://gumoreska.in.ua/
  • https://gumoreska.in.ua/
407 KB
72 KB
Document
General
Full URL
https://gumoreska.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS
pl-rocket-da1.hostsila.org
Software
LiteSpeed / PHP/7.4.16
Resource Hash
08db8242bf9b44b57347e2c7ae8c199cfb1811521478d6c4c17f556821c40ecb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 11 Dec 2022 09:41:56 GMT
last-modified
Wed, 07 Dec 2022 10:02:55 GMT
link
<https://gumoreska.in.ua/wp-json/>; rel="https://api.w.org/" <https://gumoreska.in.ua/wp-json/wp/v2/pages/149>; rel="alternate"; type="application/json" <https://gumoreska.in.ua/>; rel=shortlink
server
LiteSpeed
vary
Accept-Encoding,User-Agent
x-powered-by
PHP/7.4.16

Redirect headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
707
content-type
text/html
date
Sun, 11 Dec 2022 09:41:55 GMT
location
https://gumoreska.in.ua/
server
LiteSpeed
vary
User-Agent
fontawesome-webfont.woff2
gumoreska.in.ua/wp-content/themes/veen/assets/fonts/
75 KB
76 KB
Font
General
Full URL
https://gumoreska.in.ua/wp-content/themes/veen/assets/fonts/fontawesome-webfont.woff2
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS
pl-rocket-da1.hostsila.org
Software
LiteSpeed /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://gumoreska.in.ua/
Origin
https://gumoreska.in.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 09:41:56 GMT
last-modified
Thu, 20 Aug 2020 18:28:12 GMT
server
LiteSpeed
vary
User-Agent
content-type
application/font-woff2
cache-control
public, max-age=10368000
accept-ranges
bytes
content-length
77160
expires
max-age=A10368000, public
logo-g-165.png
gumoreska.in.ua/wp-content/uploads/2022/08/
Redirect Chain
  • https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_165/https://gumoreska.in.ua/wp-content/uploads/2022/08/logo-g-165.png
  • https://gumoreska.in.ua/wp-content/uploads/2022/08/logo-g-165.png
12 KB
12 KB
Image
General
Full URL
https://gumoreska.in.ua/wp-content/uploads/2022/08/logo-g-165.png
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
H3
Server
77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS
pl-rocket-da1.hostsila.org
Software
LiteSpeed /
Resource Hash
67ec803f11712200df40e8457e9ffba669110709706bb9745671956fd1aa9494

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 09:41:56 GMT
last-modified
Wed, 03 Aug 2022 06:32:10 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/png
cache-control
public, max-age=10368000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
12178
expires
max-age=A10368000, public

Redirect headers

date
Sun, 11 Dec 2022 09:41:56 GMT
cdn-edgestorageid
1054
cdn-cachedat
12/11/2022 04:01:57
cdn-pullzone
257218
cdn-tag
0; Domain: gumoreska.in.ua; 302
content-length
0
pragma
cache
server
BunnyCDN-DE1-864
cdn-proxyver
1.03
cdn-requestpullcode
302
content-type
text/html; charset=UTF-8
location
https://gumoreska.in.ua/wp-content/uploads/2022/08/logo-g-165.png
access-control-allow-origin
*
cdn-uid
ceac3dab-9909-4315-8d54-a27751b54dd0
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=86400
cdn-cache
HIT
cdn-requestid
8d0f4c4cf3693408b10ef0b65d569979
cdn-requestcountrycode
GB
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
302
cdn-requestpullsuccess
True
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
145 KB
49 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9735848914219258
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
af7d93949e8ddbc38c12a902b848ad043428d414fca686c6cc51184a3d3df1ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gumoreska.in.ua/
Origin
https://gumoreska.in.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 09:41:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49670
x-xss-protection
0
server
cafe
etag
17802532272825189739
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 11 Dec 2022 09:41:56 GMT
tosty-na-den-narodzhennya-na-ukrayinskij-movi-slide.png
gumoreska.in.ua/wp-content/uploads/2022/12/
Redirect Chain
  • https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_525,h_350/https://gumoreska.in.ua/wp-content/uploads/2022/12/tosty-na-den-narodzhennya-na-ukrayinskij-movi-slide.png
  • https://gumoreska.in.ua/wp-content/uploads/2022/12/tosty-na-den-narodzhennya-na-ukrayinskij-movi-slide.png
127 KB
127 KB
Image
General
Full URL
https://gumoreska.in.ua/wp-content/uploads/2022/12/tosty-na-den-narodzhennya-na-ukrayinskij-movi-slide.png
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
H3
Server
77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS
pl-rocket-da1.hostsila.org
Software
LiteSpeed /
Resource Hash
4daf15b436d0f278a422724e516b8eeb886e54046d2a576551acfe99661a708d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 09:41:56 GMT
last-modified
Wed, 07 Dec 2022 09:47:51 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/png
cache-control
public, max-age=10368000
accept-ranges
bytes
content-length
130323
expires
max-age=A10368000, public

Redirect headers

date
Sun, 11 Dec 2022 09:41:56 GMT
cdn-edgestorageid
755
cdn-cachedat
12/10/2022 12:31:26
cdn-pullzone
257218
cdn-tag
0; Domain: gumoreska.in.ua; 302
content-length
0
pragma
cache
server
BunnyCDN-DE1-864
cdn-proxyver
1.03
cdn-requestpullcode
302
content-type
text/html; charset=UTF-8
location
https://gumoreska.in.ua/wp-content/uploads/2022/12/tosty-na-den-narodzhennya-na-ukrayinskij-movi-slide.png
access-control-allow-origin
*
cdn-uid
ceac3dab-9909-4315-8d54-a27751b54dd0
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=86400
cdn-cache
HIT
cdn-requestid
460961d04a13b2cccef495fa31042de6
cdn-requestcountrycode
GB
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
302
cdn-requestpullsuccess
True
fontawesome-webfont.woff
gumoreska.in.ua/wp-content/plugins/print-post-and-page/fonts/
64 KB
64 KB
Font
General
Full URL
https://gumoreska.in.ua/wp-content/plugins/print-post-and-page/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS
pl-rocket-da1.hostsila.org
Software
LiteSpeed /
Resource Hash
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Referer
https://gumoreska.in.ua/
Origin
https://gumoreska.in.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 09:41:56 GMT
last-modified
Mon, 25 Mar 2019 16:54:20 GMT
server
LiteSpeed
vary
User-Agent
content-type
x-font/woff
cache-control
public, max-age=0
accept-ranges
bytes
content-length
65452
expires
max-age=A10368000, public
pryvitannya-z-vesillyam-ukrayinskoyu-slide.png
gumoreska.in.ua/wp-content/uploads/2022/11/
Redirect Chain
  • https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_525,h_350/https://gumoreska.in.ua/wp-content/uploads/2022/11/pryvitannya-z-vesillyam-ukrayinskoyu-slide.png
  • https://gumoreska.in.ua/wp-content/uploads/2022/11/pryvitannya-z-vesillyam-ukrayinskoyu-slide.png
132 KB
132 KB
Image
General
Full URL
https://gumoreska.in.ua/wp-content/uploads/2022/11/pryvitannya-z-vesillyam-ukrayinskoyu-slide.png
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
H3
Server
77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS
pl-rocket-da1.hostsila.org
Software
LiteSpeed /
Resource Hash
c00cce67a6ce76987f2dc7b4584192cf2e725370c8cde2ee101f0b0ba38b89aa

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 09:41:56 GMT
last-modified
Sat, 26 Nov 2022 10:23:56 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/png
cache-control
public, max-age=10368000
accept-ranges
bytes
content-length
135301
expires
max-age=A10368000, public

Redirect headers

date
Sun, 11 Dec 2022 09:41:56 GMT
cdn-edgestorageid
1047
cdn-cachedat
12/11/2022 03:00:58
cdn-pullzone
257218
cdn-tag
0; Domain: gumoreska.in.ua; 302
content-length
0
pragma
cache
server
BunnyCDN-DE1-864
cdn-proxyver
1.03
cdn-requestpullcode
302
content-type
text/html; charset=UTF-8
location
https://gumoreska.in.ua/wp-content/uploads/2022/11/pryvitannya-z-vesillyam-ukrayinskoyu-slide.png
access-control-allow-origin
*
cdn-uid
ceac3dab-9909-4315-8d54-a27751b54dd0
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=86400
cdn-cache
HIT
cdn-requestid
1f2f9cbc0b67ab2cab0b87b2a2fbda6d
cdn-requestcountrycode
GB
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
302
cdn-requestpullsuccess
True
blank.gif
gumoreska.in.ua/wp-content/plugins/wp-fastest-cache-premium/pro/images/
43 B
105 B
Image
General
Full URL
https://gumoreska.in.ua/wp-content/plugins/wp-fastest-cache-premium/pro/images/blank.gif
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS
pl-rocket-da1.hostsila.org
Software
LiteSpeed /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 09:41:56 GMT
last-modified
Sat, 19 Oct 2019 09:24:50 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/gif
cache-control
public, max-age=10368000
accept-ranges
bytes
content-length
43
expires
max-age=A10368000, public
inactive.svg
gumoreska.in.ua/wp-content/plugins/kk-star-ratings/src/core/public/svg/
238 B
305 B
Image
General
Full URL
https://gumoreska.in.ua/wp-content/plugins/kk-star-ratings/src/core/public/svg/inactive.svg
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS
pl-rocket-da1.hostsila.org
Software
LiteSpeed /
Resource Hash
2c0c291bc0981ba13c0fab388914b31ab2729ab42036ef251081077a196403f6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 09:41:56 GMT
last-modified
Mon, 21 Nov 2022 14:12:36 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/svg+xml
cache-control
public, max-age=10368000
accept-ranges
bytes
content-length
238
expires
max-age=A10368000, public
active.svg
gumoreska.in.ua/wp-content/plugins/kk-star-ratings/src/core/public/svg/
246 B
278 B
Image
General
Full URL
https://gumoreska.in.ua/wp-content/plugins/kk-star-ratings/src/core/public/svg/active.svg
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS
pl-rocket-da1.hostsila.org
Software
LiteSpeed /
Resource Hash
bed6cef3a2a83b0bfc42310907aa856549a86c15b7f3103d936c3d436bdd0655

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 09:41:56 GMT
last-modified
Mon, 21 Nov 2022 14:12:36 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/svg+xml
cache-control
public, max-age=10368000
accept-ranges
bytes
content-length
246
expires
max-age=A10368000, public
2o9k1.css
gumoreska.in.ua/wp-content/cache/gumoreska.in.ua/wpfc-minified/1bt90yh4/
30 KB
6 KB
Stylesheet
General
Full URL
https://gumoreska.in.ua/wp-content/cache/gumoreska.in.ua/wpfc-minified/1bt90yh4/2o9k1.css
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS
pl-rocket-da1.hostsila.org
Software
LiteSpeed /
Resource Hash
43cc4405f112007891ce897704a3c51090f06518ec5f412abdc41a6946972723

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 09:41:56 GMT
content-encoding
br
last-modified
Wed, 19 Oct 2022 12:18:01 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=10368000
accept-ranges
bytes
content-length
6546
expires
max-age=A10368000, public
2o9k1.js
gumoreska.in.ua/wp-content/cache/wpfc-minified/edgwxfxv/
87 KB
30 KB
Script
General
Full URL
https://gumoreska.in.ua/wp-content/cache/wpfc-minified/edgwxfxv/2o9k1.js
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS
pl-rocket-da1.hostsila.org
Software
LiteSpeed /
Resource Hash
d70c2766b7c42f0b2418b6ea551262fb3750ec117c5183e02a388c2bb6a34b4d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 09:41:56 GMT
content-encoding
br
last-modified
Wed, 19 Oct 2022 12:18:01 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=10368000
accept-ranges
bytes
content-length
30223
expires
max-age=A10368000, public
c8jpp.js
gumoreska.in.ua/wp-content/cache/wpfc-minified/k9zenhzi/
306 KB
81 KB
Script
General
Full URL
https://gumoreska.in.ua/wp-content/cache/wpfc-minified/k9zenhzi/c8jpp.js
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS
pl-rocket-da1.hostsila.org
Software
LiteSpeed /
Resource Hash
838df6a7fecee1b171bf2042fda0fc74ee94872026a2eadede826118fb67dc5f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 09:41:56 GMT
content-encoding
br
last-modified
Sat, 10 Dec 2022 16:26:39 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=10368000
accept-ranges
bytes
content-length
82753
expires
max-age=A10368000, public
kartynky-pryvitannya-z-dnem-narodzhennya-slide.jpg
gumoreska.in.ua/wp-content/uploads/2022/09/
Redirect Chain
  • https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_525,h_350/https://gumoreska.in.ua/wp-content/uploads/2022/09/kartynky-pryvitannya-z-dnem-narodzhennya-slide.jpg
  • https://gumoreska.in.ua/wp-content/uploads/2022/09/kartynky-pryvitannya-z-dnem-narodzhennya-slide.jpg
65 KB
65 KB
Image
General
Full URL
https://gumoreska.in.ua/wp-content/uploads/2022/09/kartynky-pryvitannya-z-dnem-narodzhennya-slide.jpg
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
H3
Server
77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS
pl-rocket-da1.hostsila.org
Software
LiteSpeed /
Resource Hash
bbfba9ecde14a323dfdf4f304b68ca3e9db35a8025a5859b49abfde256becc69

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 09:41:56 GMT
last-modified
Tue, 13 Sep 2022 11:06:58 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/jpeg
cache-control
public, max-age=10368000
accept-ranges
bytes
content-length
66960
expires
max-age=A10368000, public

Redirect headers

date
Sun, 11 Dec 2022 09:41:56 GMT
cdn-edgestorageid
752
cdn-cachedat
12/11/2022 06:16:20
cdn-pullzone
257218
cdn-tag
0; Domain: gumoreska.in.ua; 302
content-length
0
pragma
cache
server
BunnyCDN-DE1-864
cdn-proxyver
1.03
cdn-requestpullcode
302
content-type
text/html; charset=UTF-8
location
https://gumoreska.in.ua/wp-content/uploads/2022/09/kartynky-pryvitannya-z-dnem-narodzhennya-slide.jpg
access-control-allow-origin
*
cdn-uid
ceac3dab-9909-4315-8d54-a27751b54dd0
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=86400
cdn-cache
HIT
cdn-requestid
8884a4f8fee266eb53078800fe399600
cdn-requestcountrycode
GB
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
302
cdn-requestpullsuccess
True
gtm.js
www.googletagmanager.com/
127 KB
48 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5Z22TQ8
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/wp-content/cache/wpfc-minified/k9zenhzi/c8jpp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f92b1327919cd58a1a223e4d17e518c6a6a411f3c3451ead3d0724c21ceeecc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 09:41:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48665
x-xss-protection
0
last-modified
Sun, 11 Dec 2022 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 11 Dec 2022 09:41:56 GMT
css
fonts.googleapis.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%7COpen+Sans&display=swap
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cd9216308f7433d319f912cfc029861f0176f0d0af13c57338d291f757fb01de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 11 Dec 2022 09:41:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 11 Dec 2022 09:41:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 11 Dec 2022 09:41:56 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/
356 KB
117 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9735848914219258&plah=gumoreska.in.ua&bust=31071219
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9735848914219258
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9bf9b8510762a4462ecbe13c2a10fafcd88832fd7b60517af761d77f9a7433a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 09:41:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119974
x-xss-protection
0
server
cafe
etag
8309704090252175668
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 11 Dec 2022 09:41:56 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221206/r20190131/ Frame 48D9
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221206/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9735848914219258
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gumoreska.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
71191
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 10 Dec 2022 13:55:25 GMT
etag
10353107486223812946
expires
Sat, 24 Dec 2022 13:55:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/
112 KB
44 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-131431071-1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z22TQ8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2251442b6f81a6c1139e51d7353a40ec0b7c5b9ef61a25b1c4efb34db89fc1b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 09:41:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
44700
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 11 Dec 2022 09:41:56 GMT
js
www.googletagmanager.com/gtag/
213 KB
74 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XD2CSE5HNH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-131431071-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fab05395cd77c17416e710d1b923dac538b46ea6ab488c627eb2b5d183a046a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 09:41:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76224
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 11 Dec 2022 09:41:56 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-131431071-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 11 Dec 2022 09:15:46 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
1570
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sun, 11 Dec 2022 11:15:46 GMT
collect
region1.google-analytics.com/g/
0
347 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-XD2CSE5HNH&gtm=2oebu0&_p=1600452925&cid=1460323384.1670751717&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1670751716&sct=1&seg=0&dl=https%3A%2F%2Fgumoreska.in.ua%2F&dt=%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D1%96%D0%B1%D0%BB%D1%96%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20Gumoreska&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XD2CSE5HNH&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 09:41:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gumoreska.in.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/
397 B
698 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=gumoreska.in.ua&callback=_gfp_s_&client=ca-pub-9735848914219258&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9735848914219258&plah=gumoreska.in.ua&bust=31071219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
63180e21cc11e58335a55344176bfa56b59fc79ac68c6e4d7927b559e67efcf0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 09:41:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
253
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=gumoreska.in.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9735848914219258&plah=gumoreska.in.ua&bust=31071219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 09:41:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=gumoreska.in.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9735848914219258&plah=gumoreska.in.ua&bust=31071219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 09:41:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7BF7
151 KB
47 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&adk=1812271804&adf=3025194257&lmt=1670407375&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fgumoreska.in.ua%2F&ea=0&pra=5&wgl=1&easpi=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=1000&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&aspe=1&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716516&bpp=4&bdt=363&idt=429&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=527269080874&frm=20&pv=2&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=450
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9735848914219258&plah=gumoreska.in.ua&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0186818c195f3b34f967ec0bf2b8b75fa5fefe6c5e2bd5a60c6e841d3b4d17d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gumoreska.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
47737
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Dec 2022 09:41:57 GMT
expires
Sun, 11 Dec 2022 09:41:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2AAC
110 KB
35 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=6877447544&adk=1253207218&adf=4175459245&pi=t.ma~as.6877447544&w=1160&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=1160x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716520&bpp=2&bdt=367&idt=450&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jGbQQPIw0v&p=https%3A//gumoreska.in.ua&dtd=455
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9735848914219258&plah=gumoreska.in.ua&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
484f4cbf849ab97e1a7199dff727372d683adbf0283e4269cb68b5c8c2f94681
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gumoreska.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
35329
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Dec 2022 09:41:57 GMT
expires
Sun, 11 Dec 2022 09:41:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4971
72 KB
23 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=9796530553&adk=293745757&adf=3400386631&pi=t.ma~as.9796530553&w=808&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716522&bpp=1&bdt=369&idt=462&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1032&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=MBeycXXWpP&p=https%3A//gumoreska.in.ua&dtd=466
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9735848914219258&plah=gumoreska.in.ua&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0fababa0752f450422ab0469e37d6df463cbefbef60ad9468f4cd09cfeb192af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gumoreska.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
23135
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Dec 2022 09:41:57 GMT
expires
Sun, 11 Dec 2022 09:41:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1600452925&t=pageview&_s=1&dl=https%3A%2F%2Fgumoreska.in.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D1%96%D0%B1%D0%BB%D1%96%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20Gumoreska&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1999409004&gjid=500875261&cid=1460323384.1670751717&tid=UA-131431071-1&_gid=479505457.1670751717&_r=1&gtm=2oubu0&z=1574810728
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gumoreska.in.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 09:41:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gumoreska.in.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 1E21
436 B
235 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3753362141&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716524&bpp=1&bdt=371&idt=481&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=r5sPA5MP8q&p=https%3A//gumoreska.in.ua&dtd=485
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9735848914219258&plah=gumoreska.in.ua&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4eeeea94d6fa339abff093e05cf09a56a23d38ae3a32fa3d5b36ef3fc430ee21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gumoreska.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Dec 2022 09:41:57 GMT
expires
Sun, 11 Dec 2022 09:41:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
stats.g.doubleclick.net/j/
1 B
439 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-131431071-1&cid=1460323384.1670751717&jid=1999409004&gjid=500875261&_gid=479505457.1670751717&_u=YADAAUAAAAAAACAAI~&z=188572868
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://gumoreska.in.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 11 Dec 2022 09:41:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gumoreska.in.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/
150 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/reactive_library_fy2021.js?bust=31071219
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9735848914219258&plah=gumoreska.in.ua&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a60235fbe15445f631b705069503b3eb66d2472b75a04eed0f66eb5fc2c29bc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 09:41:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52348
x-xss-protection
0
server
cafe
etag
11393124245357641082
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Dec 2022 09:41:57 GMT
css
fonts.googleapis.com/ Frame 2AAC
8 KB
895 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=6877447544&adk=1253207218&adf=4175459245&pi=t.ma~as.6877447544&w=1160&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=1160x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716520&bpp=2&bdt=367&idt=450&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jGbQQPIw0v&p=https%3A//gumoreska.in.ua&dtd=455
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 11 Dec 2022 09:41:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 11 Dec 2022 09:05:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 11 Dec 2022 09:41:57 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 2AAC
2 KB
817 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=6877447544&adk=1253207218&adf=4175459245&pi=t.ma~as.6877447544&w=1160&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=1160x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716520&bpp=2&bdt=367&idt=450&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jGbQQPIw0v&p=https%3A//gumoreska.in.ua&dtd=455
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 12:10:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
77488
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Dec 2022 12:10:29 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 2AAC
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C3FiH5aWVY_biCd_4xtYP2O2VmAKioL7vbf-5y5bBEK_q5PHIARABIKWvh29gu4aAgNAKoAHT_PbVA8gBCakCmpJZifmusT6oAwHIA8sEqgTKAU_QrKTh0FMZsTIe_kLCFVeTZ-rHT76EqmptmmxsbeaAU-F9di2c-Lm0ga4-gFRfCTZVdqxMzQ-cVXlEMAaYWeV5tGhaABszsMYKgX6gJzLw0m8Ap_3OnjbFMQzzrX_kt_6XJvb172icpaneMR8eXD0FI80yA95ViepiZLZgnHSkhQDsSHduMFiKzYWhojGEXH0_bXVBMQmh4raihVAqwtqOMyz1TEXeQhLiOAQjhT8gI-_J8jEx4vLXAHkUlfKahDhQWsX4abZHzMPABIzZteajBJIFBAgEGAGSBQQIBRgEoAYugAein-rIAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcDEPRB0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwGYDJyxwayQBLgTgwTYEw7QFQGAFwGyFxwKGggAEhRwdWItOTczNTg0ODkxNDIxOTI1OBgA&sigh=bt9PDXRtIHs&uach_m=[UACH]&cid=CAQSGwDq26N9LFL8sy8XheBjwiquRag0mfGG63NzMRgBIBM&template_id=515
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=6877447544&adk=1253207218&adf=4175459245&pi=t.ma~as.6877447544&w=1160&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=1160x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716520&bpp=2&bdt=367&idt=450&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jGbQQPIw0v&p=https%3A//gumoreska.in.ua&dtd=455
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=6877447544&adk=1253207218&adf=4175459245&pi=t.ma~as.6877447544&w=1160&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=1160x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716520&bpp=2&bdt=367&idt=450&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jGbQQPIw0v&p=https%3A//gumoreska.in.ua&dtd=455
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 11 Dec 2022 09:41:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 11 Dec 2022 09:41:57 GMT
data=PaV0uldPA4PA9H_wbVcMR-Ozz-VUVOuCP0oHDYhKLPSCuC4x7elamCZBKghWldme3z-rZ041KscziF_OUHGXArqpiCuDhGRbOHpFMBYUkys9Xcs8gRfrbIaYUwNfIuQ
mts0.google.com/vt/ Frame 2AAC
0
0
Image
General
Full URL
https://mts0.google.com/vt/data=PaV0uldPA4PA9H_wbVcMR-Ozz-VUVOuCP0oHDYhKLPSCuC4x7elamCZBKghWldme3z-rZ041KscziF_OUHGXArqpiCuDhGRbOHpFMBYUkys9Xcs8gRfrbIaYUwNfIuQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=6877447544&adk=1253207218&adf=4175459245&pi=t.ma~as.6877447544&w=1160&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=1160x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716520&bpp=2&bdt=367&idt=450&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jGbQQPIw0v&p=https%3A//gumoreska.in.ua&dtd=455
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

truncated
/ Frame 2AAC
244 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 2AAC
333 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/ Frame 2AAC
23 KB
10 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=6877447544&adk=1253207218&adf=4175459245&pi=t.ma~as.6877447544&w=1160&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=1160x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716520&bpp=2&bdt=367&idt=450&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jGbQQPIw0v&p=https%3A//gumoreska.in.ua&dtd=455
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 12:10:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
77488
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Dec 2022 12:10:29 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 2AAC
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=6877447544&adk=1253207218&adf=4175459245&pi=t.ma~as.6877447544&w=1160&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=1160x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716520&bpp=2&bdt=367&idt=450&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jGbQQPIw0v&p=https%3A//gumoreska.in.ua&dtd=455
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 08:41:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
3606
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 25 Dec 2022 08:41:51 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 2AAC
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=6877447544&adk=1253207218&adf=4175459245&pi=t.ma~as.6877447544&w=1160&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=1160x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716520&bpp=2&bdt=367&idt=450&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jGbQQPIw0v&p=https%3A//gumoreska.in.ua&dtd=455
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 12:10:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
77488
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Dec 2022 12:10:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2AAC
153 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=6877447544&adk=1253207218&adf=4175459245&pi=t.ma~as.6877447544&w=1160&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=1160x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716520&bpp=2&bdt=367&idt=450&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jGbQQPIw0v&p=https%3A//gumoreska.in.ua&dtd=455
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 09:41:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 11 Dec 2022 09:41:57 GMT
5abbe811e7745ada511aeaa994a13f9f.js
www.gstatic.com/mysidia/ Frame 2AAC
34 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=6877447544&adk=1253207218&adf=4175459245&pi=t.ma~as.6877447544&w=1160&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=1160x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716520&bpp=2&bdt=367&idt=450&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jGbQQPIw0v&p=https%3A//gumoreska.in.ua&dtd=455
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 21:34:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
475637
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14213
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 20:45:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 05 Mar 2023 21:34:40 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/ Frame 4971
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=9796530553&adk=293745757&adf=3400386631&pi=t.ma~as.9796530553&w=808&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716522&bpp=1&bdt=369&idt=462&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1032&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=MBeycXXWpP&p=https%3A//gumoreska.in.ua&dtd=466
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 12:10:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
77488
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Dec 2022 12:10:29 GMT
css
fonts.googleapis.com/ Frame 4971
8 KB
716 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=9796530553&adk=293745757&adf=3400386631&pi=t.ma~as.9796530553&w=808&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716522&bpp=1&bdt=369&idt=462&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1032&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=MBeycXXWpP&p=https%3A//gumoreska.in.ua&dtd=466
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 11 Dec 2022 09:41:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 11 Dec 2022 08:58:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 11 Dec 2022 09:41:57 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/ Frame 4971
14 KB
3 KB
Stylesheet
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=9796530553&adk=293745757&adf=3400386631&pi=t.ma~as.9796530553&w=808&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716522&bpp=1&bdt=369&idt=462&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1032&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=MBeycXXWpP&p=https%3A//gumoreska.in.ua&dtd=466
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 10:02:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85183
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 11:42:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Dec 2023 10:02:14 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/ Frame 4971
388 KB
131 KB
Script
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=9796530553&adk=293745757&adf=3400386631&pi=t.ma~as.9796530553&w=808&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716522&bpp=1&bdt=369&idt=462&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1032&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=MBeycXXWpP&p=https%3A//gumoreska.in.ua&dtd=466
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
101b8d837f8e01156fc293db1932eead16c29f9f16da622bfa89f394fbfd1273
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 10:02:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85182
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
134376
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 11:42:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Dec 2023 10:02:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 4971
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=9796530553&adk=293745757&adf=3400386631&pi=t.ma~as.9796530553&w=808&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716522&bpp=1&bdt=369&idt=462&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1032&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=MBeycXXWpP&p=https%3A//gumoreska.in.ua&dtd=466
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 12:10:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
77488
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Dec 2022 12:10:29 GMT
integrator.js
adservice.google.co.uk/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=gumoreska.in.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9735848914219258&plah=gumoreska.in.ua&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 09:41:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=gumoreska.in.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9735848914219258&plah=gumoreska.in.ua&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 09:41:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/ Frame DBDE
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9735848914219258&plah=gumoreska.in.ua&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gumoreska.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
55077
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 10 Dec 2022 18:24:00 GMT
etag
10353107486223812946
expires
Sat, 24 Dec 2022 18:24:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6902432306638646250/ Frame 86A8
139 KB
22 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6902432306638646250/index.html
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
156d97a744f4ddde25cdb765e2a19cf19b001a28646266a6b014274fbddb53ff
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
182441
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
22794
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Fri, 09 Dec 2022 07:01:16 GMT
expires
Sat, 09 Dec 2023 07:01:16 GMT
last-modified
Thu, 20 Oct 2022 19:11:51 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 5FE3
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C8hOu5aWVY82WCbb6xtYP5vyVsAaU8bTlbdLAztHaEO_ior3AARABIKWvh29gu4aAgNAKoAH54IryKMgBCakCmpJZifmusT6oAwHIA0iqBMwBT9BI0XXb_XTo97_0eYElXf9n594pw2gZmPzgTQWCyQ_7in1YTij3eokIQ7iOhgsX3LDOor8R9-SWsWtx4YdFG6ySLdaXfb1k3kaJj6eN-CYU47_RG-B3mkbuMwNlvwccJeuu0f6os6aUSLBPHxjRiCWJoSbCu-Z10_TJY0qznWXNQ6sZ8Z_08RejYjXVOkgzNWt3YhfLpf5dcwWhX85ghjZaz3ruB9DiS3chynRlSosMacaT93YIyMTmcrpvmWh-Zoa4engNoQlduzGZwAT6jonWngSSBQQIBBgBkgUECAUYBKAGLoAH-Zjb0QOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCQ0APSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTCogUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi05NzM1ODQ4OTE0MjE5MjU4GAA&sigh=ICxdylkvCq8&uach_m=[UACH]&cid=CAQSGwDq26N9Te4rM7-V9J4vCk0GYYWbhqFJD9T3ZBgBIBM&template_id=419
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 11 Dec 2022 09:41:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/ Frame 5FE3
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite_fy2021.js
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 12:10:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
77488
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Dec 2022 12:10:29 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 5FE3
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 08:41:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
3606
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 25 Dec 2022 08:41:51 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 5FE3
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 12:10:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
77488
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Dec 2022 12:10:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5FE3
153 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 09:41:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 11 Dec 2022 09:41:57 GMT
truncated
/ Frame 2AAC
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e2e3784be51fb92ad57192255ff8915e110000c2ebd64b27c6264ba45a3143f5

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 86A8
6 KB
3 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6902432306638646250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02ebc319500d29d704855de3d846bbb2479434953bb7b34f533122f432ce33bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 13:12:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
73778
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2568
x-xss-protection
0
server
cafe
etag
6734328975651772599
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 11 Dec 2022 13:12:20 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 86A8
34 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6902432306638646250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 19:53:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
49732
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 11 Dec 2022 19:53:06 GMT
stars.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6902432306638646250/ Frame 86A8
15 KB
15 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6902432306638646250/stars.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6902432306638646250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f9891efe0668dfff831ea8baa6a2426055cd2256f99c45225249dd9cd3a2595
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sat, 10 Dec 2022 05:56:40 GMT
x-content-type-options
nosniff
age
99918
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15251
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 19:11:51 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 10 Dec 2023 05:56:40 GMT
p0.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6902432306638646250/ Frame 86A8
22 KB
22 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6902432306638646250/p0.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6902432306638646250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dff6a61c6c3c85556ba8f1b078d9b93109caeb8622c4b9d99c50eaf3044d68d3
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 08 Dec 2022 02:32:21 GMT
x-content-type-options
nosniff
age
284977
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22045
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 19:11:51 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 08 Dec 2023 02:32:21 GMT
a00.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6902432306638646250/ Frame 86A8
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6902432306638646250/a00.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6902432306638646250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5672a662dfa3a55b18c96975c5b9d2c9ef7d8e52bb39d723c7d3f4ff80b9932
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sun, 04 Dec 2022 13:33:20 GMT
x-content-type-options
nosniff
age
590918
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2517
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 19:11:51 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 04 Dec 2023 13:33:20 GMT
a01.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6902432306638646250/ Frame 86A8
9 KB
9 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6902432306638646250/a01.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6902432306638646250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d5cf956cf581ca2184750743dcf31ad2b112f25c52619edbeb6e70082ee8d37
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 08 Dec 2022 02:32:21 GMT
x-content-type-options
nosniff
age
284977
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9334
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 19:11:51 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 08 Dec 2023 02:32:21 GMT
reddot.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6902432306638646250/ Frame 86A8
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6902432306638646250/reddot.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6902432306638646250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be6c8541a7e3af01c32560e688cb5a402a4cfcd67a1d04651174f8c1bf6b44bc
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 09 Dec 2022 22:08:06 GMT
x-content-type-options
nosniff
age
128032
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3122
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 19:11:51 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 09 Dec 2023 22:08:06 GMT
t00.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6902432306638646250/ Frame 86A8
951 B
979 B
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6902432306638646250/t00.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6902432306638646250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6dd7cfac78e9dc0ef9c8dcff934637869725bff49d632c04aac3cd18819be13
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 08 Dec 2022 02:32:21 GMT
x-content-type-options
nosniff
age
284977
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
951
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 19:11:51 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 08 Dec 2023 02:32:21 GMT
t01.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6902432306638646250/ Frame 86A8
724 B
752 B
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6902432306638646250/t01.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6902432306638646250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c00ff82cd8f35625d8581df8775a95517e9c35db80fa9ee32939e8c5a9bf998
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 08 Dec 2022 02:32:21 GMT
x-content-type-options
nosniff
age
284977
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
724
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 19:11:51 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 08 Dec 2023 02:32:21 GMT
t02.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6902432306638646250/ Frame 86A8
663 B
692 B
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6902432306638646250/t02.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6902432306638646250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3aca595dc45a87fdad669c886ec7743e4e5a6464833c769a3a37f71134880c59
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 08 Dec 2022 02:32:21 GMT
x-content-type-options
nosniff
age
284977
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
663
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 19:11:51 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 08 Dec 2023 02:32:21 GMT
p1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6902432306638646250/ Frame 86A8
26 KB
26 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6902432306638646250/p1.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6902432306638646250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81df21fcc66b8e4831acb9e212c62bcd0b8bf78b9623060341afa261d5aa354b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 08 Dec 2022 02:32:21 GMT
x-content-type-options
nosniff
age
284977
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26427
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 19:11:51 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 08 Dec 2023 02:32:21 GMT
cta.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6902432306638646250/ Frame 86A8
1 KB
1 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6902432306638646250/cta.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6902432306638646250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59cea53635d3457a0cd791833999a6df362118a35974a5ad8883b857105d14ce
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sat, 10 Dec 2022 05:56:40 GMT
x-content-type-options
nosniff
age
99918
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1040
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 19:11:51 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 10 Dec 2023 05:56:40 GMT
technics.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6902432306638646250/ Frame 86A8
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6902432306638646250/technics.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6902432306638646250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef05e88d8ccd136d251eee454e77e13acd5f7abe821e12f4e0558e6ed2858786
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 08 Dec 2022 02:32:21 GMT
x-content-type-options
nosniff
age
284977
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2780
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 19:11:51 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 08 Dec 2023 02:32:21 GMT
csi
csi.gstatic.com/ Frame 4971
0
327 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lbj6fo7r&c=3702309865621&slotId=1851154932810.5&qqid=CP_C75Sj8fsCFeWI0QQdZz4BfA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 09:41:58 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4971
9 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 19:36:30 GMT
x-content-type-options
nosniff
age
482728
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9644
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Dec 2023 19:36:30 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4971
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 19:42:15 GMT
x-content-type-options
nosniff
age
223183
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 19:42:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4971
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Ct9q35aWVY7-8CeWRxtYP5_yE4AfkpJDdbcyJrevoEL22wqDjNxABIKWvh29gu4aAgNAKoAH3m-3gKMgBBagDAcgDmwSqBOoBT9BEZ8iwSjHajAqsTlh6Xd5RSqdKE3w31YEDoRGExlQjBa0olX7WRUuEkz1ZvcNnbdheSERrHBG0ekJbXpG0QcCRvniKo3PTplmt1hqJIN9aqKb6-DrtKLD3VTSsfrJcb5258f7lx9ZKaUhKGMxsIps4ZZIbj__WYhTFI-wvgTtQGpGtgWIbKX27mFWrqsb864sUxlI0V6YCUJdzEZ29vY-NaBWo1vu-jY47v7YOjPQSwG4kBb-0PJSwbJiFKmBH6NULQ7zCMbUrDwH9Nc142UcU3YlxE5qxtMPuiIJghFUW6Yfzmtk4xLNcwATCz62pmgTgBAOQBgGgBnaAB_fTvcADqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB4AsBgAwBsBPW6cIR0BMA2BMNiBQK2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1670751717992&ai=Ct9q35aWVY7-8CeWRxtYP5_yE4AfkpJDdbcyJrevoEL22wqDjNxABIKWvh29gu4aAgNAKoAH3m-3gKMgBBagDAcgDmwSqBOoBT9BEZ8iwSjHajAqsTlh6Xd5RSqdKE3w31YEDoRGExlQjBa0olX7WRUuEkz1ZvcNnbdheSERrHBG0ekJbXpG0QcCRvniKo3PTplmt1hqJIN9aqKb6-DrtKLD3VTSsfrJcb5258f7lx9ZKaUhKGMxsIps4ZZIbj__WYhTFI-wvgTtQGpGtgWIbKX27mFWrqsb864sUxlI0V6YCUJdzEZ29vY-NaBWo1vu-jY47v7YOjPQSwG4kBb-0PJSwbJiFKmBH6NULQ7zCMbUrDwH9Nc142UcU3YlxE5qxtMPuiIJghFUW6Yfzmtk4xLNcwATCz62pmgTgBAOQBgGgBnaAB_fTvcADqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB4AsBgAwBsBPW6cIR0BMA2BMNiBQK2BQB0BUB-BYBgBcB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=9796530553&adk=293745757&adf=3400386631&pi=t.ma~as.9796530553&w=808&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716522&bpp=1&bdt=369&idt=462&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1032&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=MBeycXXWpP&p=https%3A//gumoreska.in.ua&dtd=466
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 09:41:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 4971
28 KB
16 KB
XHR
General
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AACo4fgVE6G54y0xGqfQILiI8vSZ9NOXkZaFoV6VyAWSt83JzvjHzvyiw3HTiTemtQ70uFF2sEquStEadWkA604WcPow&cry=1&dbm_d=AKAmf-C8-5_aRFEkc5F6kMlvXpid45lRNyny4LikV8Y8fykRKR9HEBVaRfXMiBs7M1zcejbr6GR36IhS4_TYivYymeuI8xT2xkHPcBh8IO4yj3aury2VxydvYAnS7tsuEJtQItTXWkMBaQjYuNt-51tw1q72yZaKIMExDQBH5L_JFBC-t9i-u4TvjsTFKp-Hwd3CamxTi_MrcIu4QXKoraToE5upHiFssqnEXu-LGXe3mDA7l9nx6VhZPNol4Hm9wJ3iwflybDxWdP5nXz9-wiQ2_JFpppigyI4HXkmuZpFK-A1Fuys_LZLX327yv3n2OIcMrSLBRWf_zPpe_s18ApyjSK3_ioz6U4Y2XEEozzf_ENwj7oVEKVY5FNLrg5QlNXa3jhaMSalUS6QXoovJuquFA-7HYjsiWRAtNNctZhw69WOcdEJUCr-LjkNwzExYHCiz6x5mDaSnybDT1WPr00EG1t-OZvR87HvJLWJ2C6CQHBQawfkSFTrDAnqAUlhzIL_aAWY60un4XwNfz7o1MOCJSO5r53XVHrU3ZduNGGNXY80mMB_vxPYHmAPG9x-5V2OaTWhw44CGc1z8afRe6mE-2L--hNKofQhCshcLieG4jbf1mFZeOY23qTFn81SI5jYK71-nQYLZenkK--KI4P-St0q7vEZtBvQZ9EjMrM6bhv80N5ZYDwrXxTE4vF9C6oAnWOzO6oDy5U1u3rbyICfVlfHijlIh1pmWexkQUiEh8aJWoQzpt4D3ZRJSfjVhkX8JvC03bpgtEPPh1Hyvp6PHfh9TRptjVTIp-CdoUstwP8BgcyplTNiMCm_KbmANBa0aFbMMpWbcnruKSB5DFvFMAfeb3M399w6n7VOiQAA6ENi-K_ULyrh6Gx5AwYaDpp6zhv9B8--T5AimAytVfIANdo1VK-WQ3-0fsAto9iJPjhVRe1_I7iNVNL4rJa8E9AmzohttauHBmhbrfOx94sGSyh4yCPC_ax2aKvGEX9Lx52m6hH-UyijIhVm5Ike82xLLQOYpM4Ra-Dta_RHyKY9447rz1WRymBhlrOuTSlMR1zg_SDRQPfYyevIeeDAJLxgueCHmcXOrgjElPJuJ7eZ_-Iv4mv0PyUohKtKfqTH5557ZOsXPwn1VXR4yASc67RreS7GamQokVqQqk4qxf9W26imSF0ZYgjNKnXJnrlu9qAAZXbPQ6QNjKlUc5Ao_F8O7tW4-4ugn_LFSTBsFN-6ja6oKPUfVJO4mTzwpTRrmWmlVElbu9LRQnkuG95mocbifju3bQ5A-vykU3PyNkMU4OgYYgR8tV-GQyYoGGBcuL-G0WFQhp2cZHl1i-84hi93vshSQA0N_K7Plnhi2jKRVHKgwZUQVk2UyOK2en75-jexJZSXblUMAQA4pRG427sDMY1wfXeLjc5sAoubZdRvFB5YsheL8y-4m7lqjTCcDZ0xM-gIRLm43jBjpIrAZreNIwWyTsAuxb32ZykIqX_Bx7WsKF-u5_NtfipliYrZnOl6cV3zD1754VqGqmpHq1rJaGvj40xgzvsZzYLvNkkk-X3t0eQAD6-pCKtZZjfCsAOP1fTMyS_js0Jsr0-7Qp1sEO1NaElyo8ALr6KtDRXhUXRD7KF6NzxdEUBWc_80qC2qz_3UEgrkxA8BSgYNtmUxwG84dtBTYUiohi9Jzg6O5fEnC0dq2byP4F0n8WnOhbBnVvixrS0pwHYKGU8VbS74GqOzAL3Uz9_O3_qRirFiAORh6_A4vyKNuljPIjXfVFW85hMGllbAYxtcHt41P0XTQI3PLe74qfGJQzRKAYlCgSLKTrHNEhYzMpuy15ZxSRRiy561mQgq_acmWjntlSP60ClIV7Tce9p0ytZzjo7kQmOwrh-AJq2lLGAUieNaqaIRnt-WQa4L0BZtPU54kNcSndsVOtiEpotbORqyJ-FS6ZiHffeTab3QlseD5JWY1PYoyZDY0EKktXaWWzcL06IurVFfFpyD3H4axiNXfFHrHoYVJk0XJqnOeZLtpxiPJuXXHVstS8Iiu0dM90lYMlggeitlawadM7yy3T4XKhOiZMsGNK3SKA-5bot1gWB5EVMZIL5wRT-Tjq319aKzWBEH3Tj8qScnDrIkng0W5vWWvelvAU83ha520nJVoPNg5qH93UwBY9HKRcKRuJBRItZ45wOYDquLFUQurz2HdO2WjBsyOp2DM0I3uVGq1bCDC14lPuQe3HcS6lGbJqaYWbpk9eWCZyz_IfAskJasyhz7FQ92mpk6-bKTnCccKv6eZnDWb91Ej7p0mz9DKS_p_9_HSBCm_QeO-1rl3Mlunk_YAwcOtYOH7f_094hjB-QxyoC5sCp-jugTTW6TKN0vYBzc23HSpmGe4xNDbioOnoGc3zQ6j9UTFbGoI0PEYlxD4XeaHRW_Usz59dXXIv7M_7jNaX_u5UHH4-DMYlhRa5S8A2Ak4WWbM8z0H6WmsuElGMw7UE0RvY2FkBQdOGghcGCkL04_s9JYCSvVEF95Pmqpo6wknhzdiT4CE5R5Y32EAnrvCd6luUfmMB5cCoakga0-lgDw20-lgzr-ojriOmMrn0HfIVatBRrPOHW2lT2wymVyQTXRMc5yMvka-CQ_aROyaX19XzVjvL_ciuL9zdBtHBW55nA_86m4JKdKyT2M_v6A45vbvfprjhw3-omRrQi1JyRJa1dfW4mLIUDS3Jp7sVQLblG7JD_drGhwlznWAynrfj26qC5YegBv0Hab9FOS4YjvXrIorVqaiRIvYzNhkgqzQjmhvJb8r94WGUXpWrOzS6-p5cl5TzcOqQS7lAXJGIfqbQk9msi9dmoX2c7xh8mn_B6bnY-gEpXxuMKOFsDmvK021NYp_bGY7wi6lu4XVUbXqbaDTX3VsSk37_G7-7oh2udTjZehf4YOZPLmpcVgTG_7_YNnCxilf5ZHps01KcABj8SNdA3w9wVeNC7MjF01zZtDqXR2Qn8jO-f3pKyl_TG-Dde2E2d3VQ0Os4P5Ed8FkXMaH4km9p-USOWUYFtSHo2u56KKT00CGfinD_J-uTKb7sReT7q5j8SW2wd9W_zn52KWnz7rqyK-4sEDk9oakpvVGRbVIjea4yNpEcYqe9BSuJ9xAsuVy73rQRBAVMvqJT8t-aOneXy-ioT01wgINEsF9fFlr-JB9MuE0c7mVtepozZU7kjDGgm07f-sUxzwhG4ix-7_p6cCWnwNGhg0QhTLRWLzA5MgD2s7p53HHb4UHSgG9OtnQM9iFGr9o93XcP0Elcw-Wvjqx0uCFlj5ilhci-aQmkgsZhPJxeLzvUu4kxQaUTby96E5y2ZZ4QPE6ct3LBSd5y-4LXBrAqiBXCVdM2YjG9cHZ-XjPlq__maEjTqk64RRnjxrgbmWY3bKOtW-M&cid=CAQSGwDq26N9lERSQfsdOB4IV8wowHzEV6qveMbhjhgBIBM&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f157.1e100.net
Software
cafe /
Resource Hash
51a63cdd90bfe46d56005e6a387e33cde6c1893ad0221dc0e5acb2cdd96e6640
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 09:41:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15847
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 4971
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C-Ij05aWVY7-8CeWRxtYP5_yE4AfkpJDdbcyJrevoEL22wqDjNxABIKWvh29gu4aAgNAKoAH3m-3gKMgBBagDAaoE5wFP0ERnyLBKMdqMCqxOWHpd3lFKp0oTfDfVgQOhEYTGVCMFrSiVftZFS4STPVm9w2dt2F5IRGscEbR6QltekbRBwJG-eIqjc9OmWa3WGokg31qopvr4Ou0osPdVNKx-slxvnbnx_uXH1kppSEoYzGwimzhlkhuP_9ZiFMUj7C-BO1Aaka2BYhspfbuYVauqxvzrixTGUjRXpgJQl3MRnb29j41oFajW-76Njju_tlaNbudT_GKXbnHw_1mg_QXuHfks9qmvgGD1jgsFhfQc1ftZsyh_R846tKlpWDL1PIYkfDrxVANOstHABMLPramaBOAEA4gF8cnlq0aSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB_fTvcADqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwoQ7LQBGMuDsM8B0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwGwE9bpwhHIE_rt8eAD0BMA2BMNiBQK2BQB0BUBgBcBshccChoIABIUcHViLTk3MzU4NDg5MTQyMTkyNTgYAA&sigh=Gr2KE_iCYYI&uach_m=[UACH]&cid=CAQSGwDq26N9lERSQfsdOB4IV8wowHzEV6qveMbhjhgBIBM&vt=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=9796530553&adk=293745757&adf=3400386631&pi=t.ma~as.9796530553&w=808&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716522&bpp=1&bdt=369&idt=462&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1032&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=MBeycXXWpP&p=https%3A//gumoreska.in.ua&dtd=466
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=9796530553&adk=293745757&adf=3400386631&pi=t.ma~as.9796530553&w=808&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716522&bpp=1&bdt=369&idt=462&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1032&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=MBeycXXWpP&p=https%3A//gumoreska.in.ua&dtd=466
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 11 Dec 2022 09:41:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 8147
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
2733
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Dec 2022 08:56:25 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 2AAC
28 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 21:35:41 GMT
x-content-type-options
nosniff
age
216377
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 21:35:41 GMT
truncated
/ Frame 4971
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dde8a46ba01d610e0a710cda75ad9a7ebec4a108c9955d7f738a676d88f54c3e

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 5FE3
207 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60f31985dd16d4e48fd9fa90a5713223b6987e79c31f8e3a7af3da81332606f8

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 8147
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Dec 2022 09:41:58 GMT
expires
Sun, 11 Dec 2022 09:41:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Dec 2022 09:41:58 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
pagead2.googlesyndication.com/bg/ Frame 86A8
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 08:34:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4067
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16132
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 11 Dec 2023 08:34:11 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 4971
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 20:14:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
134862
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 20:14:16 GMT
file.mp4
r3---sn-aigzrn76.c.2mdn.net/videoplayback/id/e9427f52eaa3a765/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1702287718/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 4971
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/e9427f52eaa3a765/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1702287718/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
  • https://r3---sn-aigzrn76.c.2mdn.net/videoplayback/id/e9427f52eaa3a765/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1702287718/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0
Fetch
General
Full URL
https://r3---sn-aigzrn76.c.2mdn.net/videoplayback/id/e9427f52eaa3a765/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1702287718/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/17DB920C1C9981D842E3BFBC5E75CF10916926F8.81F48511FC45867B914CFBB291A4B0F102F4D9FD/key/cms1/cms_redirect/yes/mh/u2/mip/2001:ac8:21:e::10/mm/42/mn/sn-aigzrn76/ms/onc/mt/1670751414/mv/m/mvi/3/pl/48/file/file.mp4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=9796530553&adk=293745757&adf=3400386631&pi=t.ma~as.9796530553&w=808&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716522&bpp=1&bdt=369&idt=462&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1032&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=MBeycXXWpP&p=https%3A//gumoreska.in.ua&dtd=466
Protocol
HTTP/1.1
Server
2a00:1450:401f:6::8 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Dec 2022 09:41:58 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2180330
Last-Modified
Fri, 15 Jul 2022 17:21:34 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Sun, 11 Dec 2022 09:41:58 GMT

Redirect headers

date
Sun, 11 Dec 2022 09:41:58 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
647
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
location
https://r3---sn-aigzrn76.c.2mdn.net/videoplayback/id/e9427f52eaa3a765/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1702287718/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/17DB920C1C9981D842E3BFBC5E75CF10916926F8.81F48511FC45867B914CFBB291A4B0F102F4D9FD/key/cms1/cms_redirect/yes/mh/u2/mip/2001:ac8:21:e::10/mm/42/mn/sn-aigzrn76/ms/onc/mt/1670751414/mv/m/mvi/3/pl/48/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 4971
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lbj6fo8a&c=3702309865621&slotId=1851154932810.5&qqid=CP_C75Sj8fsCFeWI0QQdZz4BfA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=964&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=12&vhc=0&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&met.4=videopreviewvisible.xl
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 09:41:58 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
pagead2.googlesyndication.com/bg/ Frame 0088
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=6877447544&adk=1253207218&adf=4175459245&pi=t.ma~as.6877447544&w=1160&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=1160x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716520&bpp=2&bdt=367&idt=450&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jGbQQPIw0v&p=https%3A//gumoreska.in.ua&dtd=455
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 08:34:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4067
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16132
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 11 Dec 2023 08:34:11 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 98E9
23 KB
9 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
161678
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 09 Dec 2022 12:47:20 GMT
expires
Sat, 09 Dec 2023 12:47:20 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 81FB
43 KB
16 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3753362141&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716524&bpp=1&bdt=371&idt=481&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=r5sPA5MP8q&p=https%3A//gumoreska.in.ua&dtd=485
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/wp-content/cache/wpfc-minified/edgwxfxv/2o9k1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3bf4a50891fb47c773ffbfef2d7d89732352eeb9155d9293caf3ea18480772ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gumoreska.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
16666
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Dec 2022 09:41:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221206&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9735848914219258&plah=gumoreska.in.ua&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
94d1ed14e42ee322a443eea04c4d0202432ce8ecdce00cbcae0787dd82567d49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 09:41:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11141
x-xss-protection
0
QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
pagead2.googlesyndication.com/bg/ Frame 98E9
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 22:27:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40450
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Dec 2023 22:27:48 GMT
file.mp4
r3---sn-aigzrn76.c.2mdn.net/videoplayback/id/e9427f52eaa3a765/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1702287718/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 4971
2 MB
2 MB
Media
General
Full URL
https://r3---sn-aigzrn76.c.2mdn.net/videoplayback/id/e9427f52eaa3a765/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1702287718/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/17DB920C1C9981D842E3BFBC5E75CF10916926F8.81F48511FC45867B914CFBB291A4B0F102F4D9FD/key/cms1/cms_redirect/yes/mh/u2/mip/2001:ac8:21:e::10/mm/42/mn/sn-aigzrn76/ms/onc/mt/1670751414/mv/m/mvi/3/pl/48/file/file.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:401f:6::8 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
7125d9ee95d8ca2e8db7315a85132ae66d804a8a4a9d18ca44347a640bb22f9c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-

Response headers

expires
Sun, 11 Dec 2022 09:41:58 GMT
date
Sun, 11 Dec 2022 09:41:58 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-2180329/2180330
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2180330
last-modified
Fri, 15 Jul 2022 17:21:34 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://googleads.g.doubleclick.net
client-protocol
quic
gen_204
pagead2.googlesyndication.com/pagead/ Frame 98E9
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BHw735qWVY5OuCPLBmLAP_OqooA4AAAAAOAHgBAI&bg=!7O-l76vNAAYgquz3AKo7ACkAdvg8Wtvq4prJ9yOBPBYGJLlP-8I02JPIzkDk7aT5_KlHXM5RqdxymQIAAABaUgAAAAJoAQeZAsLZJtv0HYWf7vPonnpHI10EVHziwLpWa_rwhzrnooyb9JG7WCAs3mJkdBVEgRF5HFdDBRoiZ1m7DvT61J4etol_JrGRt2wMD0Uz7xsXJOdz6x89OW2HYF0k5P-dxxlmks07Vu7YRwGfkBaiAQ6jWoOa1S6WiM_DDVnv-_uQO5-oGfgVN-VzrouW7uj4RcmIqyfdd0SZ1XHDrjeZ2Ul0ux-3LlPi9_CUBqMd3YkvEmKNI4n8cSaiAZtblWQ5rPS-kfsuFsO9zefsKPXsE57yM2vedbZk06t_wSh0UoskoJGchCpXQX-zUWugxLoSTiLWer_5LTClJxlIPj32JPC6rMbbllC33q1pXLEfogAIeRWSDmPrPXy7hextA20qiZSI8rLmM5QdiQsS3xgSg_1FFeroXe88S6aHFv1XFZE7JBWVIjeGaDvzYXXpV5Ju1TqcJtS2hI-RTDG01CzzGJHyLNq4fKH355bmK-50hZJGrjvSVGhtRVpDRedoERMvN0-Xjg0EAqQ07zfZYMH7geDdhZ31U-ajk_xFMPkuZMQk1abLAUNLVHbpOKwbZdi2Esfd9ujF8pE-E_OiCDpZmi3S7SXsppEv_N7t5BeT_0CK6c-FcI_FOlC60ohp7Gj8cl6s-dFmLZH2dIlS7tNVXiR8IwROMrMPjSqD4U3UpvKUHy8InUOJeL_TFnkt4ItPOpt2lwpo1kmmHlCwLJYnjgx6j-suUovWTQdly0dpTKUqc5r5GUnR0i6VJwsWdukX-kt9Fbhuchxz7z83msLav7lfw56Wo5FGBu2crO86HWmFzbrZtlRJS1_r3JAbamDQQuUKyWRX2jEORyBSqjqt9rsbTrQtPVGB3sq7W1r0sMkiwMt83EJlUJIBJCS9PSwXPJrZs0LWYiPXD8rgYj295V3Pv0iE1UbLFmePXeETeO6NvTOEB_83
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 09:41:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9735848914219258&plah=gumoreska.in.ua&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 09:41:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 11 Dec 2022 09:41:58 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 90A0
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gumoreska.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
2800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 11 Dec 2022 08:55:18 GMT
expires
Mon, 11 Dec 2023 08:55:18 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 399D
783 B
536 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6363f9b1a92d4572a3fb5e6ca22e89c595e02158167ea1046bbf5121cea25053
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FRDh7qlbs-r5NQ0NODhzWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gumoreska.in.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-FRDh7qlbs-r5NQ0NODhzWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 11 Dec 2022 09:41:58 GMT
expires
Sun, 11 Dec 2022 09:41:58 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
dc_oe=ChMIk7mrlaPx-wIV8iAGAB18NQrkEAAYACCutaxTQhMI_8LvlKPx-wIV5YjRBB1nPgF8;met=1;acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%...
ade.googlesyndication.com/ddm/activity/ Frame 4971
42 B
494 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIk7mrlaPx-wIV8iAGAB18NQrkEAAYACCutaxTQhMI_8LvlKPx-wIV5YjRBB1nPgF8;met=1;acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D758165014%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1670751718670;dc_rfl=[URL_SIGNALS];ecn1=1;etm1=0;eid1=11;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 09:41:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 4971
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Ct9q35aWVY7-8CeWRxtYP5_yE4AfkpJDdbcyJrevoEL22wqDjNxABIKWvh29gu4aAgNAKoAH3m-3gKMgBBagDAcgDmwSqBOoBT9BEZ8iwSjHajAqsTlh6Xd5RSqdKE3w31YEDoRGExlQjBa0olX7WRUuEkz1ZvcNnbdheSERrHBG0ekJbXpG0QcCRvniKo3PTplmt1hqJIN9aqKb6-DrtKLD3VTSsfrJcb5258f7lx9ZKaUhKGMxsIps4ZZIbj__WYhTFI-wvgTtQGpGtgWIbKX27mFWrqsb864sUxlI0V6YCUJdzEZ29vY-NaBWo1vu-jY47v7YOjPQSwG4kBb-0PJSwbJiFKmBH6NULQ7zCMbUrDwH9Nc142UcU3YlxE5qxtMPuiIJghFUW6Yfzmtk4xLNcwATCz62pmgTgBAOQBgGgBnaAB_fTvcADqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB4AsBgAwBsBPW6cIR0BMA2BMNiBQK2BQB0BUB-BYBgBcB&sigh=lCDvfnKfe0M&label=part2viewed&ad_mt=4&acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D758165014%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1670751718670
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=9796530553&adk=293745757&adf=3400386631&pi=t.ma~as.9796530553&w=808&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716522&bpp=1&bdt=369&idt=462&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1032&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=MBeycXXWpP&p=https%3A//gumoreska.in.ua&dtd=466
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 09:41:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 4971
0
622 B
Image
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuj7VMdkxO1b_TRkRdNcgII1ODCI4G80N8LraMgcLi9KHvffuw_JyNYBCEjtW1kWypb2SDQhJoXMD1oxg5bjuskYw-i89TClBtHSmnBxFP1ES_MfOYrwIWGol__RXSzJWfLLSGLmimLyyB7pjn8M3-5oT03BJNx9iLaHjPQ8AHfqtdcTU3vd-QQ-1GNUxCwsLCq3x4TEvT39dFiNFq_em5K9wpUyBO1_XiDVrypVtJm3CL1zJ2qU2bQhqgsOcpb3kwvf-ap-Bww0FmLexTF_oI1H2Zay4rC8wCDYcUiYMeRDAjvcvMOKZrqIRgMYupYQp1fsAGlnJCFrZiwX-J0OwMblSi1FjLTHQ_1pOw6gz020u-oe8vljFUoESwU8kEsiGfpyo8LatjysZnvwx9jx2bTIR8FThdJyvUH40qyakRpkOKaWTBuYNuiSNu5zCiGpXQ50gkZS_N5BYpo-8d9sFa6acrgpqAggLeJY9R0krX_bOlIEQQZ0EIjemrdsa4ffHsX-UjAVPGd_DbqFTXJW_6LcC5WYcZJUipdhcSPypA5WN2A5yMiTnt7JyI0xEyKp3joapbHY9muqMBESH3k-d9iVtA8j_wijEmzSTuTtDkUI_1u9BV2QzyPxRLvRjxqaBC9WRdegd3iKuX9SyIwbUKfst9ysYl_-J2k56gbZBqELUFb8u5H-dBrW47XaXy0mnBgCOBsBklB-npkoxFh6wnSYsH3QApQopiZ7mrB5Q3WWdHFDeWhj09kchLeHR-wKUt7MglS1aFcMB82I6zr4ef2ZybDZebk-V-lh1hhdAIr0XuAt8oEXgLnyALW8HQA6ggW-FhulVdYIobPjsvHXCKTuzJoPnRz-Kk0fyUhxPM5O5jBipzQyk-xcvnGxPD2-jmypnR_VLVz79GvcGhESOX9SumGB8LZ4oqXrIn1bU3uOnQQBAb9QAcjUySfBO54ed0R8TQbniuymASJuvEAkBpTxMNou6_AG7gVRKpSo8xBi51BrSPqgGpol-QyYsIRp4ZFyF933afGTtD5-vI5nQKAgghA4ttcuSU0-DtzjOZO3tSllSRmM5VPDftYuNcULKDidgAwc7osQn63Xlsilntg0JiGNMJ0w8R3FAo5BDCdYHQx5A_RDo-c&sai=AMfl-YQqWvaiR9XyD2ItTzwTfG0_03CssXpI6hm1bf_u8Ci8GsYXGI9B2GMZzSPljp3t-GbBGMpdzzEVe6nESFhN__TOj54FyKyvx57Crti8lSBsB--K1evhUuiwY9YcVlm2z7sXLjANopTTeBiKhTry14sogp-AtswBpZ-_sWM_NqN1JTzmFk29XFCcMg&sig=Cg0ArKJSzLX-qzp5yjweEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 11 Dec 2022 09:41:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4971
0
16 B
Image
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJC1NBC6zZbUAxjLg7DPASABMAE&v=APEucNXfXNdHpJbyo2hJUbNcIA3efAu3k2QMimuF2ivpxp_P4J1-CyJHoDlBW2U7nTpc3Ct4FJx8hU97cI2jNHk9y7pVoUGv-g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=9796530553&adk=293745757&adf=3400386631&pi=t.ma~as.9796530553&w=808&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716522&bpp=1&bdt=369&idt=462&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1032&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=MBeycXXWpP&p=https%3A//gumoreska.in.ua&dtd=466
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 09:41:58 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4971
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 09:41:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIk7mrlaPx-wIV8iAGAB18NQrkEAAYACCutaxTQhMI_8LvlKPx-wIV5YjRBB1nPgF8;met=1;acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos...
ade.googlesyndication.com/ddm/activity/ Frame 4971
42 B
107 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIk7mrlaPx-wIV8iAGAB18NQrkEAAYACCutaxTQhMI_8LvlKPx-wIV5YjRBB1nPgF8;met=1;acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D758165014%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1670751718670;ecn1=1;etm1=0;eid1=200101;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 09:41:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4971
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsui89CSmNoGVpCrzhkZdMFF6CDrsDyk-PcskL71quJULgvsJoPbJGm-Pqinu7LRgBKkyXqhHbHiG8QVkTsp62pH8_7oV-KgLz2StYWKUl8y7SX8Cfh3kh8lbzkwkxh9cSe7XpmsCg&sai=AMfl-YS1mCAmW4_8yDhSd31b8RUL1J51LkgoPA-rTyto7pVlCI-gWpHG5OFxrKdk3CEHRAJok9s4jw5prpW_h5I&sig=Cg0ArKJSzPLXZ_iBi7KSEAE&cid=CAQSGwDq26N9lERSQfsdOB4IV8wowHzEV6qveMbhjhgBIBM&id=lidarv&acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D758165014%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1670751718670&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 09:41:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 4971
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Ct9q35aWVY7-8CeWRxtYP5_yE4AfkpJDdbcyJrevoEL22wqDjNxABIKWvh29gu4aAgNAKoAH3m-3gKMgBBagDAcgDmwSqBOoBT9BEZ8iwSjHajAqsTlh6Xd5RSqdKE3w31YEDoRGExlQjBa0olX7WRUuEkz1ZvcNnbdheSERrHBG0ekJbXpG0QcCRvniKo3PTplmt1hqJIN9aqKb6-DrtKLD3VTSsfrJcb5258f7lx9ZKaUhKGMxsIps4ZZIbj__WYhTFI-wvgTtQGpGtgWIbKX27mFWrqsb864sUxlI0V6YCUJdzEZ29vY-NaBWo1vu-jY47v7YOjPQSwG4kBb-0PJSwbJiFKmBH6NULQ7zCMbUrDwH9Nc142UcU3YlxE5qxtMPuiIJghFUW6Yfzmtk4xLNcwATCz62pmgTgBAOQBgGgBnaAB_fTvcADqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB4AsBgAwBsBPW6cIR0BMA2BMNiBQK2BQB0BUB-BYBgBcB&sigh=lCDvfnKfe0M&label=vast_creativeview&ad_mt=4&acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D4%26is%3D18%26i0%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D758165014%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1670751718670
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=9796530553&adk=293745757&adf=3400386631&pi=t.ma~as.9796530553&w=808&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716522&bpp=1&bdt=369&idt=462&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1032&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=MBeycXXWpP&p=https%3A//gumoreska.in.ua&dtd=466
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 09:41:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 4971
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lbj6fody&c=3702309865621&slotId=1851154932810.5&qqid=CP_C75Sj8fsCFeWI0QQdZz4BfA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=964&mt=video%2Fmp4&vs=640x360&dm=15000&ple=1&umsem=0&event_name=first_play&asset_bytes=197466&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=9&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.1az~videopreviewstarted.1b0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 09:41:58 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
pagead2.googlesyndication.com/bg/ Frame 90A0
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 08:34:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4067
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16132
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 11 Dec 2023 08:34:11 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 399D
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221206&jk=723183364295668&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 90A0
0
12 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?U_bxTw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 09:41:58 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 3464
624 B
242 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIY9arexgEwAQ&v=APEucNUPeMKuqjgGQahjbFdAkknN9j5DFDj_cyzMyp2WrDMlg83cs3Z1pxzuFJQxKOIAcFEAtJy1MHs5q6fqCrfVhchtoslLLisk6A5kCtLb4dMZdUl4QJ43OVBrsByZDlVY3YAjxLIAMs1Odxc8-yqpet0MykWtSL_M_wYYV88mdFfSlb1qHmI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3753362141&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716524&bpp=1&bdt=371&idt=481&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=r5sPA5MP8q&p=https%3A//gumoreska.in.ua&dtd=485
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3753362141&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716524&bpp=1&bdt=371&idt=481&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=r5sPA5MP8q&p=https%3A//gumoreska.in.ua&dtd=485
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Dec 2022 09:41:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 5035
15 KB
11 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AD3G-7jd1D5EMiRy4ZqJbdQsbMyR30Dsi7coNSWJzg6TQZHdP7NX8CVwv1Pxx6fspzKp3e2Sj_cp9P4AwCCN6P1ebnK7_7q7dhc-a1s7yCA6_so-xnrfKfYproXHfgWYnQNZ-LDIMwIAo8ds6_Xm2INCEdhyjThRyhKpWEfzLPJSHOVhU&cry=1&dbm_d=AKAmf-ByHr48I0ZzLmGaDg_mFYH_HgPFyeJP9BjnZ3VQKI6X74mynTf3XOFj2LQiSNT5TiXGrKsTz07ITexqvfKuenyCKkDkJ69aDhHj40joFsE8hzgDAl13nsFbJ5EaQVUHgLwVLuDxSR9x-ns2FyJ_dRz2SZPREIeGiq3hL4SeZ7ISZI09HaJofQajU9qu1rOY9vp8Y_y0xmg6NKncnsBh9EyZxmT9zEoDtgctNWj4Sxu_kz6y6eBqfw16wZc9fXo6s1GpclOAVbInkayg9fl7Q_f2LCpppUkg8hz4MMgiaM1Mmh_TXcygzOV9epba2AOxW7RAJjKhy155VTXooocgowTdSR0pOWrU3Y4jMjlLPHtnZvI0bN0fnNMJCJRTNup0pyt3KMteH-WQ8RKewk7eDl1YcdE22W_UshE4T5S6sjeoRG7vt5gIw7C0Zwu1Y3YziLctN8ryHAn3PwIal8xXec2VPWMcLqbykKAgs9_0che1UyaFbM8Xo4IhRRYwXoFL70LmG9k8bVfVECLT2ZN4mgX74FuyfiE_Cwmb38Rdh2xzj_6mRNuQgZ4o8xdVeKS6ElA4U8_LMcaW-Wd8Gs9YsKgyQYZxP5UDJjGLDw5m2vsN_7-bcMY-OLK8nc127W3VDw7iSwmycGCxhvkVdeU0dFj6BsbHr8YRu86TiQcAJIGb6E-K81HK65P0jCD-t_Q_1dlYpiYYW2p6VwrwBxhogk5g4zJSIyElpgZWmqU8A_5Jvi3N60XlXgp46jO0Z9gCf4g94Ve1YSMXRWWIlmXm0859XbN7lflRIE-Kp5K71drkgo2KKwASQ3iRVJitbDtX4v7gP8RxFGCbiRFtquETNDfo8lPWGVbza4YAXca4sIpfFg8Rcagi0ffsyBiemOda6wwhGRzXakZDDW5pPW5fLHbYwVm7qGXM_iqGeZVaXD-m9vP8kqC00L93JQmhGM0PDphHx2TAMHCIRgeEgub3PvRVCCKCjmB6HxZAKdar2syBRePTEfztFoFBUzjVzoV-eA1_-mUubxB6koa7a5SPZKtho-vsGF_ffR--JgsOR3OUHI5Kvmkap5hbjR4-U0mhEbQtasKGrxJUzcTXkpTTqGSNMnNJdpEumcCwXmmYZfKSjEsN-R4_Tq527Iohn7vRZIqa0QUSVIsdTn_2VGIX3Tth02y8pl5mqhwnczXNWu7IA_vSsEBXUYcxvPHYibfzst4GOOYHsAjK8q5D6UIo-QgZbwa3N8lYKP-7EY3SdXHwzhBRMu4jsDbMpgFh5FTK5_hZHsbXaDAVl7D2_vvCv1lX_xnjNIqzcpEC0o7tDkLPReFNbD8asqiH0OaekiRgUIpuUzbEkiExy0Eih7ANyGnHbVp46END-GeyYVZn8b3_896juiRclU0ABqVKCQ23a2-qfPIYUwlo-D1ohYXpmFHKzFKMXXzxeNK9toVc3G5zKqkzZuPyq05c-AgMzdQvKBHO44cyP7ekHDm7yVj5A5knHFNio1TSu-FCrel7-MxnZIPIxJ9--pATPZYTFnsCXqfUVVLt-5odDEPizeQDJAO69v2CcUyZP5sTPqiQtfFLGSxRW9bqPb2JUIaX-ndkwWn7o2sP8v3IpPET8AIdWon1aU1GASA1ZV2-S7WsGW2ydei6cXkD-aVQkiJdkpK18krRGX7WoDVH-pN99m0WyeYVCxGysOZ54vSyusBUOv38aiMT5EH1yiGkcKICaNhPaHWPjnP-sAH9zH7jEZkcoTliYO4pqgm0PqFSbEWpP3B0gGZ2QFyv_lTKh_ChLKvO6GUyYGS1oYDjEXUZTW1R0f8_RdVt7vCOBxGs4Ab3qpFM9PSbFBkfQ_xP9HUYBC5TQkSOqDhvmR7VBgaEBZPygj078u_noCbaoITkRST67QSJCOqaIDSpPJuww9vZVeINEKphTL2gQK2hTDkGq5hRa6yUiFpKnTIYxZuk6Ice5TAEHx9pqQbQN8RgonqLQwZErwv2nDDp_07pwyk11jBJ6CBIV-HZXY_lp1L4FvkIbzHm-hfe6Cj7eDdVA61uk4kmjVIh9_ILZ5eGTIuJJKoG2ZNrEzN8A1Mz1xao2JaVaBnrPei1REh-rrmV5nFrjxZ4WQ6GMoIYwP1vLjsYBeyy70SKPcGfP9Lj9pPESZ23fDm2e2HYg7X0DbW89NOIFKHkdfBGfBHmJy5ykup6-gUnWS8nrus7GG_3ieMNc7Ydti98w3OLzBdgtAtK1VSMR0ggUZCa8eqeGQ7kxlPevhGMZfuX-AuY1LaeFzhQ7tLXy81QTHFtQbZkX3HMul97vV3l-tw_qR_7SH6tm8_ci_9SNErlaB9uHvyOEj6x-SawJFd2bgwRVUvqwukFUkhWYFL-4fldaEpGA5_yMY03DdgWpN3muE1WUpvKEgKj6URBQiMKyU458mKrgwnLEoraueU0lOBEcQCg7ikkRq4RhJs7dGAHTRhU13U1y_QjTU-E_DLI6PXXxPSBWRkVDtRn4kSUbwtZv8w7Wya2cUyvuUhXIhF0gyYHh_q8YpvuFKd9VoGYxeHTIom808HS5glO8pKPYJdSmZh-uzk36HOlIjAmvemOnulvJZXF1yEDdHbeu7WWyEeme18ffiKRj50iE4eO3a7T6bT15Bgi_M9aRrqrqgTkgPGSgO_6PDeYCQC9k3g9xrMikrlr1QkVSMyB_TSFweclK_AaKJTAumlFDv6juBdGptUmpyZZe8I5YunuMh3sqIWcHbfQMJgnRBA8YLEylIPq_J9htU6QB6YQPBkvz5hwLRwkpF8QoN69vgIV6yRE7852vBFCGvUU6w_VseJBiepRPVHd4Ts45bH9ehjKWr1-kXJI4KW4raflfHWPiWHjw-dz4YeWstmx4vospnDckjaCJvvbUI6ykt2Rp4voIyMIJC0KB7XtLxuWv2vZb3HwvVhO6HZjKclZAX6I4JZdwUWunWDQY5uTsjSBEwk21fyDWj-YZ-ShdyUEW74rO7NA3NUpY2pvPK44M85ZisFUDeIqmuauvoAnMxfZ0VGFTLGz-GMAOMxH9DND1EkzJpfbG9JhR1RFrkYOo5euDUbQ993rTXfbIrt0irUA57Qipv_paRe3zY2V5aSq_HcG5ptc8J5vDDCWVEod4YJFpZyaVUmsrEAOT8kg501oHW3TIKnhuwa1DIkf4cRtrQTN7-1YYz7q1qnZVtK0iOAlGVwi5LCNcL2kqOzGL60a9ilsRtIitIpgghihfeLW1mHxvtA-dFJNkV5xOe9gozaFJxTx4eQWOmW3Ma_iVQnt3kXjB1qNezv4wkwOhQR7_runoFwBrMZNxlsfJSkvlxdQGhgO2GcGlHdwG0MI3d8k-PmmmNwA1rAUZTb-EEQAJUHj1DGp3HIhI_Q&cid=CAQSKQDq26N9THkDx_iAb2xzKEToZe_7o6BFxTWQzc2blsPdY-ZAVFDDjjivGAEgEw&rfl=2%2Chttps%253A%252F%252Fgumoreska.in.ua%252F%240
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce3e333617066f73ecc101d0aaa0036d5a99baf632780f66cb58f2694b7e964d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3753362141&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716524&bpp=1&bdt=371&idt=481&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=r5sPA5MP8q&p=https%3A//gumoreska.in.ua&dtd=485
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 09:41:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11422
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame 5035
2 KB
1 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=177894&plc=6418431&sid=18330&dvregion=0&unit=300x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0i7mvJJ2RnRJwigqSGOdM4m&DVP_DBM_1=3060631&DVP_DBM_2=24779301&DVP_DBM_3=16741108292&DVP_DBM_4=416781685&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=620162386246&turl=https://gumoreska.in.ua/&DVP_PP_BUNDLE_ID=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3753362141&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716524&bpp=1&bdt=371&idt=481&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=r5sPA5MP8q&p=https%3A//gumoreska.in.ua&dtd=485
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:6::17d5:a18f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
54e51249021fabff65b4ca7eb728f0a56cff080a37d9b0b13d1c401d5b9e6184

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Dec 2022 09:41:59 GMT
Content-Encoding
gzip
Last-Modified
Sun, 30 Oct 2022 09:55:21 GMT
Server
Microsoft-IIS/10.0
ETag
"42b02eb945ecd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1170
dvtp_src.js
cdn.doubleverify.com/ Frame 5035
8 KB
4 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0i7mvJJ2RnRJwigqSGOdM4m&DVP_DBM_1=3060631&DVP_DBM_2=24779301&DVP_DBM_3=16741108292&DVP_DBM_4=416781685&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=620162386246&turl=https://gumoreska.in.ua/&DVP_PP_BUNDLE_ID=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3753362141&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716524&bpp=1&bdt=371&idt=481&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=r5sPA5MP8q&p=https%3A//gumoreska.in.ua&dtd=485
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:6::17d5:a18f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
1a12532324261fcc9e92664b32cea31bf3a14a1128cf6a7531cc6a9ce9197cb9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Dec 2022 09:41:59 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Dec 2022 11:39:13 GMT
Server
Microsoft-IIS/10.0
ETag
"8065f8730ad91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3315
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 5035
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3753362141&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716524&bpp=1&bdt=371&idt=481&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=r5sPA5MP8q&p=https%3A//gumoreska.in.ua&dtd=485
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 08:41:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
3607
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 25 Dec 2022 08:41:51 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 5035
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3753362141&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716524&bpp=1&bdt=371&idt=481&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=r5sPA5MP8q&p=https%3A//gumoreska.in.ua&dtd=485
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 12:10:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
77489
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Dec 2022 12:10:29 GMT
l
www.google.com/ads/measurement/ Frame 5035
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRH4rrfU4NxVX0ignPeWauJS1mvdQ2OqYR_B4RbP3e0EP7lTKDJhSjHgLTq46Dx1Dhovq2MCYzdTAPwrDdZ7d1fflyTYg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3753362141&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716524&bpp=1&bdt=371&idt=481&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=r5sPA5MP8q&p=https%3A//gumoreska.in.ua&dtd=485
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5035
153 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3753362141&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716524&bpp=1&bdt=371&idt=481&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=r5sPA5MP8q&p=https%3A//gumoreska.in.ua&dtd=485
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 09:41:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 11 Dec 2022 09:41:59 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/ Frame 5035
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3753362141&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716524&bpp=1&bdt=371&idt=481&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=r5sPA5MP8q&p=https%3A//gumoreska.in.ua&dtd=485
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 12:10:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
77489
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Dec 2022 12:10:29 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5035
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AwWilVku7ZjcIHFTtWJJ2nCfeZJAtNsZVj57bUAl-SR5w5y8vZ2iS_HgKKeqq3u_TfhuH7bFSILw6UgWJfwUETt8PYvsvcc0E6-SI0g9q197uTkuo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3753362141&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716524&bpp=1&bdt=371&idt=481&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=r5sPA5MP8q&p=https%3A//gumoreska.in.ua&dtd=485
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 09:41:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 3464
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENSw9qgptZqV8a0bXUw60O8&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENSw9qgptZqV8a0bXUw60O8&google_cver=1&C=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENSw9qgptZqV8a0bXUw60O8&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIY9arexgEwAQ&v=APEucNUPeMKuqjgGQahjbFdAkknN9j5DFDj_cyzMyp2WrDMlg83cs3Z1pxzuFJQxKOIAcFEAtJy1MHs5q6fqCrfVhchtoslLLisk6A5kCtLb4dMZdUl4QJ43OVBrsByZDlVY3YAjxLIAMs1Odxc8-yqpet0MykWtSL_M_wYYV88mdFfSlb1qHmI
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 11 Dec 2022 09:41:59 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 11 Dec 2022 09:41:59 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESENSw9qgptZqV8a0bXUw60O8&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame 3464
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y5Wl550zd.7.cHCWwwuXyQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENSw9qgptZqV8a0bXUw60O8&google_cver=1&google_hm=2
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENSw9qgptZqV8a0bXUw60O8&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIY9arexgEwAQ&v=APEucNUPeMKuqjgGQahjbFdAkknN9j5DFDj_cyzMyp2WrDMlg83cs3Z1pxzuFJQxKOIAcFEAtJy1MHs5q6fqCrfVhchtoslLLisk6A5kCtLb4dMZdUl4QJ43OVBrsByZDlVY3YAjxLIAMs1Odxc8-yqpet0MykWtSL_M_wYYV88mdFfSlb1qHmI
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 11 Dec 2022 09:41:59 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 11 Dec 2022 09:41:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENSw9qgptZqV8a0bXUw60O8&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 3464
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIW1yYrEXQddOt3bMDY6Xb4&google_cver=1
43 B
1020 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEIW1yYrEXQddOt3bMDY6Xb4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIY9arexgEwAQ&v=APEucNUPeMKuqjgGQahjbFdAkknN9j5DFDj_cyzMyp2WrDMlg83cs3Z1pxzuFJQxKOIAcFEAtJy1MHs5q6fqCrfVhchtoslLLisk6A5kCtLb4dMZdUl4QJ43OVBrsByZDlVY3YAjxLIAMs1Odxc8-yqpet0MykWtSL_M_wYYV88mdFfSlb1qHmI
Protocol
HTTP/1.1
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 11 Dec 2022 09:41:59 GMT
AN-X-Request-Uuid
f5dd40eb-7af5-422e-a383-743ad5dda1c7
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.196.102; 217.138.196.102; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 11 Dec 2022 09:41:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEIW1yYrEXQddOt3bMDY6Xb4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3464
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTg0NTk3Njc1MjU1MzAwNzU5MA%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTg0NTk3Njc1MjU1MzAwNzU5MA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIY9arexgEwAQ&v=APEucNUPeMKuqjgGQahjbFdAkknN9j5DFDj_cyzMyp2WrDMlg83cs3Z1pxzuFJQxKOIAcFEAtJy1MHs5q6fqCrfVhchtoslLLisk6A5kCtLb4dMZdUl4QJ43OVBrsByZDlVY3YAjxLIAMs1Odxc8-yqpet0MykWtSL_M_wYYV88mdFfSlb1qHmI
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 09:41:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 11 Dec 2022 09:41:59 GMT
AN-X-Request-Uuid
bef61fd3-fb17-4b1d-884a-526962970656
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTg0NTk3Njc1MjU1MzAwNzU5MA%3D%3D
Connection
keep-alive
X-Proxy-Origin
217.138.196.102; 217.138.196.102; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 5035
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AD3G-7jd1D5EMiRy4ZqJbdQsbMyR30Dsi7coNSWJzg6TQZHdP7NX8CVwv1Pxx6fspzKp3e2Sj_cp9P4AwCCN6P1ebnK7_7q7dhc-a1s7yCA6_so-xnrfKfYproXHfgWYnQNZ-LDIMwIAo8ds6_Xm2INCEdhyjThRyhKpWEfzLPJSHOVhU&cry=1&dbm_d=AKAmf-ByHr48I0ZzLmGaDg_mFYH_HgPFyeJP9BjnZ3VQKI6X74mynTf3XOFj2LQiSNT5TiXGrKsTz07ITexqvfKuenyCKkDkJ69aDhHj40joFsE8hzgDAl13nsFbJ5EaQVUHgLwVLuDxSR9x-ns2FyJ_dRz2SZPREIeGiq3hL4SeZ7ISZI09HaJofQajU9qu1rOY9vp8Y_y0xmg6NKncnsBh9EyZxmT9zEoDtgctNWj4Sxu_kz6y6eBqfw16wZc9fXo6s1GpclOAVbInkayg9fl7Q_f2LCpppUkg8hz4MMgiaM1Mmh_TXcygzOV9epba2AOxW7RAJjKhy155VTXooocgowTdSR0pOWrU3Y4jMjlLPHtnZvI0bN0fnNMJCJRTNup0pyt3KMteH-WQ8RKewk7eDl1YcdE22W_UshE4T5S6sjeoRG7vt5gIw7C0Zwu1Y3YziLctN8ryHAn3PwIal8xXec2VPWMcLqbykKAgs9_0che1UyaFbM8Xo4IhRRYwXoFL70LmG9k8bVfVECLT2ZN4mgX74FuyfiE_Cwmb38Rdh2xzj_6mRNuQgZ4o8xdVeKS6ElA4U8_LMcaW-Wd8Gs9YsKgyQYZxP5UDJjGLDw5m2vsN_7-bcMY-OLK8nc127W3VDw7iSwmycGCxhvkVdeU0dFj6BsbHr8YRu86TiQcAJIGb6E-K81HK65P0jCD-t_Q_1dlYpiYYW2p6VwrwBxhogk5g4zJSIyElpgZWmqU8A_5Jvi3N60XlXgp46jO0Z9gCf4g94Ve1YSMXRWWIlmXm0859XbN7lflRIE-Kp5K71drkgo2KKwASQ3iRVJitbDtX4v7gP8RxFGCbiRFtquETNDfo8lPWGVbza4YAXca4sIpfFg8Rcagi0ffsyBiemOda6wwhGRzXakZDDW5pPW5fLHbYwVm7qGXM_iqGeZVaXD-m9vP8kqC00L93JQmhGM0PDphHx2TAMHCIRgeEgub3PvRVCCKCjmB6HxZAKdar2syBRePTEfztFoFBUzjVzoV-eA1_-mUubxB6koa7a5SPZKtho-vsGF_ffR--JgsOR3OUHI5Kvmkap5hbjR4-U0mhEbQtasKGrxJUzcTXkpTTqGSNMnNJdpEumcCwXmmYZfKSjEsN-R4_Tq527Iohn7vRZIqa0QUSVIsdTn_2VGIX3Tth02y8pl5mqhwnczXNWu7IA_vSsEBXUYcxvPHYibfzst4GOOYHsAjK8q5D6UIo-QgZbwa3N8lYKP-7EY3SdXHwzhBRMu4jsDbMpgFh5FTK5_hZHsbXaDAVl7D2_vvCv1lX_xnjNIqzcpEC0o7tDkLPReFNbD8asqiH0OaekiRgUIpuUzbEkiExy0Eih7ANyGnHbVp46END-GeyYVZn8b3_896juiRclU0ABqVKCQ23a2-qfPIYUwlo-D1ohYXpmFHKzFKMXXzxeNK9toVc3G5zKqkzZuPyq05c-AgMzdQvKBHO44cyP7ekHDm7yVj5A5knHFNio1TSu-FCrel7-MxnZIPIxJ9--pATPZYTFnsCXqfUVVLt-5odDEPizeQDJAO69v2CcUyZP5sTPqiQtfFLGSxRW9bqPb2JUIaX-ndkwWn7o2sP8v3IpPET8AIdWon1aU1GASA1ZV2-S7WsGW2ydei6cXkD-aVQkiJdkpK18krRGX7WoDVH-pN99m0WyeYVCxGysOZ54vSyusBUOv38aiMT5EH1yiGkcKICaNhPaHWPjnP-sAH9zH7jEZkcoTliYO4pqgm0PqFSbEWpP3B0gGZ2QFyv_lTKh_ChLKvO6GUyYGS1oYDjEXUZTW1R0f8_RdVt7vCOBxGs4Ab3qpFM9PSbFBkfQ_xP9HUYBC5TQkSOqDhvmR7VBgaEBZPygj078u_noCbaoITkRST67QSJCOqaIDSpPJuww9vZVeINEKphTL2gQK2hTDkGq5hRa6yUiFpKnTIYxZuk6Ice5TAEHx9pqQbQN8RgonqLQwZErwv2nDDp_07pwyk11jBJ6CBIV-HZXY_lp1L4FvkIbzHm-hfe6Cj7eDdVA61uk4kmjVIh9_ILZ5eGTIuJJKoG2ZNrEzN8A1Mz1xao2JaVaBnrPei1REh-rrmV5nFrjxZ4WQ6GMoIYwP1vLjsYBeyy70SKPcGfP9Lj9pPESZ23fDm2e2HYg7X0DbW89NOIFKHkdfBGfBHmJy5ykup6-gUnWS8nrus7GG_3ieMNc7Ydti98w3OLzBdgtAtK1VSMR0ggUZCa8eqeGQ7kxlPevhGMZfuX-AuY1LaeFzhQ7tLXy81QTHFtQbZkX3HMul97vV3l-tw_qR_7SH6tm8_ci_9SNErlaB9uHvyOEj6x-SawJFd2bgwRVUvqwukFUkhWYFL-4fldaEpGA5_yMY03DdgWpN3muE1WUpvKEgKj6URBQiMKyU458mKrgwnLEoraueU0lOBEcQCg7ikkRq4RhJs7dGAHTRhU13U1y_QjTU-E_DLI6PXXxPSBWRkVDtRn4kSUbwtZv8w7Wya2cUyvuUhXIhF0gyYHh_q8YpvuFKd9VoGYxeHTIom808HS5glO8pKPYJdSmZh-uzk36HOlIjAmvemOnulvJZXF1yEDdHbeu7WWyEeme18ffiKRj50iE4eO3a7T6bT15Bgi_M9aRrqrqgTkgPGSgO_6PDeYCQC9k3g9xrMikrlr1QkVSMyB_TSFweclK_AaKJTAumlFDv6juBdGptUmpyZZe8I5YunuMh3sqIWcHbfQMJgnRBA8YLEylIPq_J9htU6QB6YQPBkvz5hwLRwkpF8QoN69vgIV6yRE7852vBFCGvUU6w_VseJBiepRPVHd4Ts45bH9ehjKWr1-kXJI4KW4raflfHWPiWHjw-dz4YeWstmx4vospnDckjaCJvvbUI6ykt2Rp4voIyMIJC0KB7XtLxuWv2vZb3HwvVhO6HZjKclZAX6I4JZdwUWunWDQY5uTsjSBEwk21fyDWj-YZ-ShdyUEW74rO7NA3NUpY2pvPK44M85ZisFUDeIqmuauvoAnMxfZ0VGFTLGz-GMAOMxH9DND1EkzJpfbG9JhR1RFrkYOo5euDUbQ993rTXfbIrt0irUA57Qipv_paRe3zY2V5aSq_HcG5ptc8J5vDDCWVEod4YJFpZyaVUmsrEAOT8kg501oHW3TIKnhuwa1DIkf4cRtrQTN7-1YYz7q1qnZVtK0iOAlGVwi5LCNcL2kqOzGL60a9ilsRtIitIpgghihfeLW1mHxvtA-dFJNkV5xOe9gozaFJxTx4eQWOmW3Ma_iVQnt3kXjB1qNezv4wkwOhQR7_runoFwBrMZNxlsfJSkvlxdQGhgO2GcGlHdwG0MI3d8k-PmmmNwA1rAUZTb-EEQAJUHj1DGp3HIhI_Q&cid=CAQSKQDq26N9THkDx_iAb2xzKEToZe_7o6BFxTWQzc2blsPdY-ZAVFDDjjivGAEgEw&rfl=2%2Chttps%253A%252F%252Fgumoreska.in.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 07:06:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
182134
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 07:06:25 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5FE3
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv4TKJd7PL2lR8PygoR3n0kolec2-0Gi3bZxj_Y5tTUHb-jH3ORtYeiGVb-0IJqn1lJH6o4CJS2gVOCgxzeoZyb0aup9xiCoAjfy1S7wVvaZSHqI6pB3YSaGkw8pciSzfv7KS3_dQ&sai=AMfl-YR1aPvKzmgEe61R2cXWkF41AMIB_S8Tzc7sjogr4fHZFJc-TGKkGfVyJ0w3fsSMmQZE2N1Fn70nk657GBg&sig=Cg0ArKJSzJGIVXZpxcpwEAE&cid=CAQSGwDq26N9Te4rM7-V9J4vCk0GYYWbhqFJD9T3ZBgBIBM&id=lidar2&mcvt=1000&p=1,0,83.84375,646&mtos=0,845,1000,1006,1006&tos=0,845,155,6,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=0.75&if=1&vu=1&app=0&itpl=2&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670751717769&rpt=271&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 09:41:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7402
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
49005
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 10 Dec 2022 20:05:14 GMT
expires
Sun, 10 Dec 2023 20:05:14 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dvbs_src_internal113.js
cdn.doubleverify.com/ Frame 5035
59 KB
19 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvbs_src_internal113.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=177894&plc=6418431&sid=18330&dvregion=0&unit=300x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0i7mvJJ2RnRJwigqSGOdM4m&DVP_DBM_1=3060631&DVP_DBM_2=24779301&DVP_DBM_3=16741108292&DVP_DBM_4=416781685&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=620162386246&turl=https://gumoreska.in.ua/&DVP_PP_BUNDLE_ID=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:6::17d5:a18f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c2da1bde386dc1e71e6f0cf3ddcce6650ba703109c5194f52c991f48755ad806

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Dec 2022 09:41:59 GMT
Content-Encoding
gzip
Last-Modified
Sun, 30 Oct 2022 09:56:00 GMT
Server
Microsoft-IIS/10.0
ETag
"0b85bd045ecd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19448
z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
pagead2.googlesyndication.com/bg/ Frame 7402
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 08:34:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4068
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16132
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 11 Dec 2023 08:34:11 GMT
verify.js
rtb0.doubleverify.com/ Frame 5035
443 B
548 B
Script
General
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_462137208749&jsTagObjCallback=__tagObject_callback_462137208749&num=6&ctx=1828362&cmp=177894&plc=6418431&sid=18330&advid=&adsrv=&unit=300x250&isdvvid=&uid=462137208749&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.30&dvpx_strhd=0.30&brid=3&brver=99&bridua=3&dup=null&turl=https://gumoreska.in.ua/&chro=1&hist=2&winh=250&winw=332&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=2&htmlmsging=1&tstype=128&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0i7mvJJ2RnRJwigqSGOdM4m&DVP_DBM_1=3060631&DVP_DBM_2=24779301&DVP_DBM_3=16741108292&DVP_DBM_4=416781685&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=620162386246&DVP_PP_BUNDLE_ID=&prr=1&m1=13&noc=4&fcifrms=8&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=161&eparams=DC4FC%3Dl9EEADTbpTauTau8F%3E%40C6D%3C2%5D%3A%3F%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTau8F%3E%40C6D%3C2%5D%3A%3F%5DF2Tar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&dvp_exetime=5.40&callbackName=__verify_callback_462137208749
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal113.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
85ce8217076eba220dc50fcde420be5ea67b9e22dbd497cb888c42ff2b0a87c4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 11 Dec 2022 09:41:59 GMT
Content-Encoding
br
X-DV-Response
0
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
close
Expires
12/10/2022 09:41:59
activeview
pagead2.googlesyndication.com/pcs/ Frame 2AAC
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvjuXkBpXZjn3NF92kFmKL7Ph4ZAjE0Yp4Bs_MPcpqMHu6vyi_IHG0ei7Tr0v6tPiwpbhzo_XM3Uq9BS62bv7StjbAnXHUITPh6eblgmQEunwMHD22pgSMKFJRPomVPqxQwHiGFiMn3cPRRIOUEpbgELLh3pQh6492IesuqpgSoWGwz3hvYLQoc_zrQYDOmQyccP9W8WZ6B_N789GRBULZF6PBST63jHQxNqgJF-b_xAy03_OOLRdconAFeLOgDe5U7Pd0jdOPwIh173N-3XWepxtLyxPLjAXJPxaLqIWUZHEPWfNI3kTrHz1vqxdGWHzdbYbFTlrycHnVsHw1JZ8pykQvsOWDfHCn1xf5ZFaDtawv5PhWhLSJvw3N1yfCepM78dHafBKZg0cbwHBYzUhGpgMuSgH0oA_9cm3UGErf1Ve9PATTfmft0j6V_mGMlbLB7fyqW29bTnPicwmZwlTg-wtYRLpxVkuGzauDHXidCpr9_Oxw3i-IotETSBkzrkkEMMAgLEmDNeAwcJwNs6AjX-ZD7fRJxmxO8uGeN8onBpARIrKlkvvOMNFDVOtY1peMk-3cvE_OWRxUVUMGyMlOa0oLfXnPac0QsPFz0ReiexlG7dGRfuY15OzuaFqoLFl6UtSqMLvKsqpvs8URU2J4RUAI_xcymtM9JEHDTd9x106Nv279wmvqvm14_pbfeITgx2Bb94FIkrQk2Lo4BNvuHmZ0_Ai0fnx6p2VvXJ4AlFULoTgwtG7h2EBVr_lruSAVmE6iwhG9VS_wPR2fXhL5ZRXo47qkaxRPcS9YtX2Kj0pGtELb35XeA2CzYLbsPJElFqtIiEMjTmupZNic_-Qu5ups5UuyF6jN94uERILClKtGIKn4vo4YeiKHsZjDwl1Zo1b9_Q3X7xo9vykhUvy2JVRKKfkIF5-UQlC07Ra5UbE7lAwBIVQdI-TLSNrDEcUrUYt1JzLAKYHmTTY3RRoUBae1CFJldD3QSPP4N0pof_QOysvN5Q40Ls-_vPbQwpGwLWoMGaMP4ZA&sai=AMfl-YSA-QqPgMo_rDkXqU7u7dt6CHWHFOEGfonoF8mHcyL89zT-Ny2YITAThYFFP6cGCZBLdBrbjfCivF8PNSI-HFAwacYWLNlYsM7K&sig=Cg0ArKJSzLKHIJKLJOfiEAE&cid=CAQSGwDq26N9LFL8sy8XheBjwiquRag0mfGG63NzMRgBIBM&id=lidar2&mcvt=1006&p=0,0,280,1160&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1253207218&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670751716976&rpt=1284&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 09:41:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7402
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BH7Kc5qWVY5bkOreG9u8PgYiwuAIAAAAAOAHgBAI&bg=!aWqlai7NAAYgquz3AKo7ACkAdvg8WlBeaswtgxwsXfoXllYCKEhOmMzFvOIZbM6aghjzgUkArIIj5wIAAABgUgAAAAJoAQeZAutEXsX6r-ngcC5K6mRBF9bMZH8xRq9PQhINASk4nP1igOkVhkiYQqsCya8Hs5ATooSV0M67iy4-_2WXJdJO2d6DbP6UiHeBLJH0a8IUxeHGFfv09GODjqDtZ7L_qL42ablIcseyqMq8T_MIC_VssvnURyoBOs1sQzEzBKs3THXXu4zFQ6aOZp3knee49tWrcG0uAcTr8wc68FjR-NX4XYe9I4sNdQ5UK6lAR4PuUl1-JKijibE72bGMVe0QMjL-SaZfOW54ArwU_jxhP8huXzIY4jNDonAKVdT_71v7tWd56xrdk0bPNcQ6urlFFDHa-Vyss2cTesSnO4gyTeqfYQkGXp7rfXtAWPieWElYaKM1NQJGrFJCbKP-hEnFxH7gP00WdlMzJLsc4O3jVRffxegeKkpRdLjI51LdOBBuGQgHVBlsbekKmAQMI3aGlfisSNqzXDf_R2OMMFWsDudP7nlOQGJLuoNq8nGpJhv1VJMxqHVZ_nC5UCx2LQd-S0FgVqSsZ-Ami7Yc7gBJjNrkPjwb11UkY4jLztQa5sEpcVRP23phUdG7NQCxDfxs109hakr56bphAyiJNQVTK1c6xOJV7eyj6xrbre91fekBx_-C62wc9pd47q6CbGnNn7edweeAPU7mgOsFl7gAiaFcpu2yCdvDAxhKNeOpUYCnRVU4KKnBg7hGqcJT_XDh2NWWs6171Gng75DbVareQ0Goc4dH-DiWIjQ9g2VSobkHQqtkPBz_q5eHXHCnnjBzNNOzmApnudoY8gLXVD32pMKsBvXNDk-ZwzaVXuM99Ms8DDYPQdIXWH0moEH-S8i1mY2o6giMJQwb9SUjYRmhbzKrvnKfpx_xBQ2PX1OvHwfSH88Ghec6__JRqONXsdWJVm5yEY9knjLKmjTqd65r0G6IYxwkPUv5x6nQxfpbGo3l7xDwSMyHk-flYYBuw_cx0iq0QzqRydWl8E6uBfi25qLHGQfXAvkijDIC3H8Ptd8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3753362141&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716524&bpp=1&bdt=371&idt=481&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=r5sPA5MP8q&p=https%3A//gumoreska.in.ua&dtd=485
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 09:41:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv-measurements3317.js
cdn.doubleverify.com/ Frame FEEA
552 KB
106 KB
Script
General
Full URL
https://cdn.doubleverify.com/dv-measurements3317.js
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:6::17d5:a18f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e71922ba9eed9d98158859ef8fd8c83fd817943005acddd4166cde52a04f5aa4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Dec 2022 09:41:59 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Dec 2022 09:45:11 GMT
Server
Microsoft-IIS/10.0
ETag
"80ad389920ad91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
108147
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2848
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3753362141&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716524&bpp=1&bdt=371&idt=481&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=r5sPA5MP8q&p=https%3A//gumoreska.in.ua&dtd=485
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
71799
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 10 Dec 2022 13:45:20 GMT
etag
48472445140208031
expires
Sun, 11 Dec 2022 13:45:20 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 5035
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
608bddc1b2101e695af06613cef4d5a97e0db87567b07e0d3c7d33764a65ae5f

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
/
servedby.flashtalking.com/imp/8/177894;6418431;201;jsappend;DV360;DV360FY20CCLALD2PandTWPCombineUKDSKBAN300x250/ Frame 5035
3 KB
2 KB
Script
General
Full URL
https://servedby.flashtalking.com/imp/8/177894;6418431;201;jsappend;DV360;DV360FY20CCLALD2PandTWPCombineUKDSKBAN300x250/?ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9735848914219258%26output%3Dhtml%26h%3D250%26slotname%3D3497597976%26adk%3D4253229104%26adf%3D3753362141%26pi%3Dt.ma~as.3497597976%26w%3D332%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1670407375%26rafmt%3D1%26format%3D332x250%26url%3Dhttps%253A%252F%252Fgumoreska.in.ua%252F%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1670751716524%26bpp%3D1%26bdt%3D371%26idt%3D481%26shv%3Dr20221206%26mjsv%3Dm202212050101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1160x280%252C808x280%26nras%3D1%26correlator%3D527269080874%26frm%3D20%26pv%3D1%26ga_vid%3D1460323384.1670751717%26ga_sid%3D1670751717%26ga_hid%3D1600452925%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1068%26ady%3D752%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C4475&us_privacy=${US_PRIVACY}&cachebuster=622761.4402225901&ft_dv=%5B%25ft_dv%25%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3753362141&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716524&bpp=1&bdt=371&idt=481&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=r5sPA5MP8q&p=https%3A//gumoreska.in.ua&dtd=485
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.57.2 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-57-2.deploy.static.akamaitechnologies.com
Software
prod-xre-app11.frk11 /
Resource Hash
5c933567e6f97958cf449e77d632cfe79a867f4a6bc2a2ac4338b516e3200c02
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 11 Dec 2022 09:41:59 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=86400
Server
prod-xre-app11.frk11
Vary
Accept-Encoding
Content-Type
text/javascript;charset=ISO-8859-1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1254
Expires
Sun, 11 Dec 2022 09:41:59 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221206&jk=723183364295668&bg=!BQalBkLNAAYgquz3AKo7ACkAdvg8WmPHgASkWwCxJFwk-tpSz6c50R3a7-cM-_FZkWIMb-1YRxehEQIAAACbUgAAAAJoAQcKANUL0raWdKg4PVyOMNSUM-Kiou2zTlMI9o2F-JQZglXXs_RYLLAi5tWXERnIfATP2nn-ALEPb6_4Ru1Zm0Q_VOEab0sGH0y19zEEAUNBb8rI-uEcrWDokhxNk4FgyxtV9xk_q_h2WGFi_W17P2mCMskOlsOLynCN5IImRY0j3Kuo7xuAqSwSZkIzfil6lmKIX4u2WNnAhGMhEyhgra_EdzKI0mZy0fuO7yDSU18OSXDIWfQyRqdO5LP3an8iSDKAvdiZz6hYuZn58PRUql7iODaWP5jQr7uZAqcqub0bwfH-w8CZaU202y10FPZy14Zerj6o-KMn2KiVEpiUgmHR5VSfBYHCvB4dBeBV_6FllK25N6u2cQUMFTfB7ajSyRhFQ4nB5m5t7ly00w57thn_rGS_TgWPALloR6E_xBCyw_tzUqpWyp6Y_F95mB8NuHTVpPUzqdXXaV97g0DHsRKSqr5E2_5v7FSEiNOdLpb_6WgTw39UHwPU8jgA4lDfTe4PyTkW7kA-_8BdS0HiJFJq0n_8-EgYKazeaS0XNJxTF2MA2U_XkvOY4BSTUTHocvFlQLQFv7mSDyZpK43bPpRHsuKE6r_Mqzvpepacnn5QAG4SwANqxmY4A0HqrOPAI69yjmHI5t3vnkrxgPrLDRudrliCLFacNTNhtCmJ_yRnAJxNA7NbUnKpl9UC7RdnKkGm9mzECgE1rRCpR7Bxy_72A4KbT8RUy7azsSe6yf8jpKaM-7aqq3k7ElWfUDaedrwlXeuzz9IOAPe0ZqOBY5Iah7bHPlGaQPGHSkSvLtDG1vLE5uAae1V99VD1HeyIe_kUnYD4u0tP41i0JBvylgpWbo7eGZlRIBti6QpuN1H1pBM--iWF3AVgGJLRVFFd_I8YozqWJMxWzYZoXjBAWRlLCdN0YUwehEblqRyLuqNeiOnsdM6qT74ri5DOkC8U6I0LT6BSYYSMvMIcxnvGql_7c3y1sEouiRVoXXRGZMeoSC6M1iYFrIGapcvaZfDf45KF19zT3cz9a99Qm9QYbnPWGlVZkgIYkjq_bxveAljjQtEzOTjmb5VPHhJCkAd29M-25BHGRDW9ScH-d7FKAhsYmaklqrC__Yv70Soy8s1Eeo3pQl4KhDE3mbgWsdsIQd6itmmN2QuFHUlF4iyye79ZhZbPGGwSTys0ocCCaxiP_oEe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gumoreska.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pixel
cm.g.doubleclick.net/ Frame 2848
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBZXNS-3OBfrc1ANMu8cnnk&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBZXNS-3OBfrc1ANMu8cnnk&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MkFQdXh3eG4xUDRpUW41&google_gid=CAESEBZXNS-3OBfrc1ANMu8cnnk&google_cver=1&google_push=ASkJ3FbJda8O0PmgmCFrrWLf4KhVgEjEnn0oLvm6P48jtVH...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MkFQdXh3eG4xUDRpUW41&google_gid=CAESEBZXNS-3OBfrc1ANMu8cnnk&google_cver=1&google_push=ASkJ3FbJda8O0PmgmCFrrWLf4KhVgEjEnn0oLvm6P48jtVHJxm2b_jH4c2SekCtYpIFJEzgzOVLoh5PHYXarVuyaQlZNuZW-goC12N8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3753362141&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716524&bpp=1&bdt=371&idt=481&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=r5sPA5MP8q&p=https%3A//gumoreska.in.ua&dtd=485
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 09:41:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 11 Dec 2022 09:41:59 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-0c6774dcbd8510e59@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MkFQdXh3eG4xUDRpUW41&google_gid=CAESEBZXNS-3OBfrc1ANMu8cnnk&google_cver=1&google_push=ASkJ3FbJda8O0PmgmCFrrWLf4KhVgEjEnn0oLvm6P48jtVHJxm2b_jH4c2SekCtYpIFJEzgzOVLoh5PHYXarVuyaQlZNuZW-goC12N8
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 2848
0
173 B
Image
General
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEE8O_a6VrPMEx7KegVKeioU&google_cver=1&google_push=ASkJ3FZ473-_n2a2-lIYO9kAhAOr1Gx4iB-SlOr2FYgEJAviVcZ65BfdOuxzY2AUfx00JFR1VECUICvvr8tttek-IezqUy2Ez6hbZNA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3753362141&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716524&bpp=1&bdt=371&idt=481&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=r5sPA5MP8q&p=https%3A//gumoreska.in.ua&dtd=485
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 09:41:59 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 2848
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHmZ1l1Ed0PbgKjQLkzg2lE&google_cver=1&google_push=ASkJ3FaFQoRuWQ3bhatPBZz0aK9NmQhIEcMGGyXXxrJyRcxQyjzc-S8qY03PolEO0r5UjdVaObmVJMHDUZoTKnIRue8WmPw...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FaFQoRuWQ3bhatPBZz0aK9NmQhIEcMGGyXXxrJyRcxQyjzc-S8qY03PolEO0r5UjdVaObmVJMHDUZoTKnIRue8WmPw5Z2KP5g&google_hm=eS1Ed0hLY3B4RTJwSGxP...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FaFQoRuWQ3bhatPBZz0aK9NmQhIEcMGGyXXxrJyRcxQyjzc-S8qY03PolEO0r5UjdVaObmVJMHDUZoTKnIRue8WmPw5Z2KP5g&google_hm=eS1Ed0hLY3B4RTJwSGxPaGZLVFhFVTZNdnFSaDRZRnBHY35B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3753362141&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716524&bpp=1&bdt=371&idt=481&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=r5sPA5MP8q&p=https%3A//gumoreska.in.ua&dtd=485
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 09:41:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 11 Dec 2022 09:41:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FaFQoRuWQ3bhatPBZz0aK9NmQhIEcMGGyXXxrJyRcxQyjzc-S8qY03PolEO0r5UjdVaObmVJMHDUZoTKnIRue8WmPw5Z2KP5g&google_hm=eS1Ed0hLY3B4RTJwSGxPaGZLVFhFVTZNdnFSaDRZRnBHY35B
content-length
0
dds
rtb.openx.net/sync/ Frame 2848
43 B
350 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEKrNnZbisF9dGnaf9XRQvpQ&google_cver=1&google_push=ASkJ3FaVXQdhE5dg6HLAEGZ2SU_ls2jcG5hlw-MyEY_7j2Ann2leJK4vUai3l7rpvSmJSh5fIgE620Wotbo9b1CWrngIx0HFGHIwOw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3753362141&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716524&bpp=1&bdt=371&idt=481&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=r5sPA5MP8q&p=https%3A//gumoreska.in.ua&dtd=485
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 09:41:59 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
g31gai58c1033hhatu4e8dnojg9gvnrb
pixel
cm.g.doubleclick.net/ Frame 2848
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEF1SssA107AO3K0osQLuWKk&google_cver=1&google_push=ASkJ3FbuuHXl--NEgw8x9B_XD9LpzLQg-z-JJ1eJQeQGfiX2nRUnLnch-0F6OMVcwigZ9nH-FM_AnC70N-OcdR1f...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ASkJ3FbuuHXl--NEgw8x9B_XD9LpzLQg-z-JJ1eJQeQGfiX2nRUnLnch-0F6OMVcwigZ9nH-FM_AnC70N-OcdR1fyiMQwfWq1tibuIQ
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ASkJ3FbuuHXl--NEgw8x9B_XD9LpzLQg-z-JJ1eJQeQGfiX2nRUnLnch-0F6OMVcwigZ9nH-FM_AnC70N-OcdR1fyiMQwfWq1tibuIQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3753362141&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716524&bpp=1&bdt=371&idt=481&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=r5sPA5MP8q&p=https%3A//gumoreska.in.ua&dtd=485
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 09:41:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 11 Dec 2022 09:41:59 GMT
via
1.1 94faae20b0f122c4555025f52a2fd744.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ASkJ3FbuuHXl--NEgw8x9B_XD9LpzLQg-z-JJ1eJQeQGfiX2nRUnLnch-0F6OMVcwigZ9nH-FM_AnC70N-OcdR1fyiMQwfWq1tibuIQ
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
Cfax-NrBFKwnKuHIEkYVmmCpDw7-Z0pNjJYgfsXuRWSbkO8ZuvGy2Q==
pixel
cm.g.doubleclick.net/ Frame 2848
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENslV8JMoezOcbscjayz7Dk&google_cver=1&google_push=ASkJ3FYAUQzNUoHyyrB5bvdU6qWY0ePqRV35r8VYZ86nbI-HpbTAPtMqeSeNuVZr7kdIZtFxuA...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENslV8JMoezOcbscjayz7Dk&google_cver=1&google_push=ASkJ3FYAUQzNUoHyyrB5bvdU6qWY0ePqRV35r8VYZ86nbI-HpbTAPtMqeSeNuVZr7kdIZtFxuA...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1mcVk3T0pkRTJ1SFpXY3pvN09wS1B0NHB4WVk2OXNkWX5B&google_push=ASkJ3FYAUQzNUoHyyrB5bvdU6qWY0ePqRV35r8VYZ86nbI-HpbTAPtMqe...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1mcVk3T0pkRTJ1SFpXY3pvN09wS1B0NHB4WVk2OXNkWX5B&google_push=ASkJ3FYAUQzNUoHyyrB5bvdU6qWY0ePqRV35r8VYZ86nbI-HpbTAPtMqeSeNuVZr7kdIZtFxuApB5hHaQ4hGba2f9p94ZFiF_LVxFTws
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3753362141&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716524&bpp=1&bdt=371&idt=481&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=r5sPA5MP8q&p=https%3A//gumoreska.in.ua&dtd=485
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 09:41:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1mcVk3T0pkRTJ1SFpXY3pvN09wS1B0NHB4WVk2OXNkWX5B&google_push=ASkJ3FYAUQzNUoHyyrB5bvdU6qWY0ePqRV35r8VYZ86nbI-HpbTAPtMqeSeNuVZr7kdIZtFxuApB5hHaQ4hGba2f9p94ZFiF_LVxFTws
date
Sun, 11 Dec 2022 09:41:59 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 2848
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEAKOMoZ7ZZ4IMyKv6LqzaRE&google_cver=1&google_push=ASkJ3FY4B1jXWEirm...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTg0NTk3Njc1MjU1MzAwNzU5MA%3D%3D&google_gid=CAESEAKOMoZ7ZZ4IMyKv6LqzaRE&google_cver=1&google_push=ASkJ3FY4B1jXWEirm48UJY0iW0fiob0ep7...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTg0NTk3Njc1MjU1MzAwNzU5MA%3D%3D&google_gid=CAESEAKOMoZ7ZZ4IMyKv6LqzaRE&google_cver=1&google_push=ASkJ3FY4B1jXWEirm48UJY0iW0fiob0ep74W35cyLZ9L77CHkB7qaUyJMflmxJaSODnokL0rdAaavRssOCgfMoPloWWGX5J491pfiMoP
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3753362141&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716524&bpp=1&bdt=371&idt=481&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=r5sPA5MP8q&p=https%3A//gumoreska.in.ua&dtd=485
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 09:41:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 11 Dec 2022 09:41:59 GMT
AN-X-Request-Uuid
9be89f2f-047e-4f17-a99d-8f3f7377ebe4
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTg0NTk3Njc1MjU1MzAwNzU5MA%3D%3D&google_gid=CAESEAKOMoZ7ZZ4IMyKv6LqzaRE&google_cver=1&google_push=ASkJ3FY4B1jXWEirm48UJY0iW0fiob0ep74W35cyLZ9L77CHkB7qaUyJMflmxJaSODnokL0rdAaavRssOCgfMoPloWWGX5J491pfiMoP
Connection
keep-alive
X-Proxy-Origin
217.138.196.102; 217.138.196.102; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 2848
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K1VoTwCljSBaAQ7Sn0vWmgVTTRuXHUmRBxU41WYoXu1aDv6ikEZBTNS2J9PghZ2skFFjokh3A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3753362141&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716524&bpp=1&bdt=371&idt=481&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=r5sPA5MP8q&p=https%3A//gumoreska.in.ua&dtd=485
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 09:41:59 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
visit.js
tps.doubleverify.com/ Frame FEEA
694 B
702 B
Script
General
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=125&ttfrms=29&brid=3&brver=99.0.4844.51&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau8F%3E%40C6D%3C2%5D%3A%3F%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTau8F%3E%40C6D%3C2%5D%3A%3F%5DF2Tar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=0&aUrlD=0&ssl=https:&uid=1670751719613673&jsCallback=dvCallback_1670751719613398&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3317&tgjsver=3317&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9735848914219258%26output%3Dhtml%26h%3D250%26slotname%3D3497597976%26adk%3D4253229104%26adf%3D3753362141%26pi%3Dt.ma~as.3497597976%26w%3D332%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1670407375%26rafmt%3D1%26format%3D332x250%26url%3Dhttps%253A%252F%252Fgumoreska.in.ua%252F%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1670751716524%26bpp%3D1%26bdt%3D371%26idt%3D481%26shv%3Dr20221206%26mjsv%3Dm202212050101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1160x280%252C808x280%26nras%3D1%26correlator%3D527269080874%26frm%3D20%26pv%3D1%26ga_vid%3D1460323384.1670751717%26ga_sid%3D1670751717%26ga_hid%3D1600452925%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1068%26ady%3D752%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759842%252C44778780%252C31071219%252C44774292%252C44779077%26oid%3D2%26pvsid%3D723183364295668%26tmod%3D1061978022%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3Do%257Co%257CoeE%257C%26abl%3DNS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D5%26uci%3Da!5%26fsb%3D1%26xpc%3Dr5sPA5MP8q%26p%3Dhttps%253A%2F%2Fgumoreska.in.ua%26dtd%3D485&fcifrms=7&brh=2&sdf=2&dvp_epl=250&noc=4&nav_pltfrm=Win32&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://gumoreska.in.ua/&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0i7mvJJ2RnRJwigqSGOdM4m&DVP_DBM_1=3060631&DVP_DBM_2=24779301&DVP_DBM_3=16741108292&DVP_DBM_4=416781685&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=620162386246&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=14206507358.014765&dvp_tukv=216380308.8752505&dvp_uuid=194960045161.9241&dvp_strhd=0.39999961853027344&dvpx_strhd=0.39999961853027344&dvp_tuid=182150286674&jurtd=2779713121
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3317.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
2ba789558d6fdb01cef69bba46311da51ea2a3eb7f877c211942cdb03895eacb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 11 Dec 2022 09:41:59 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
close
Expires
12/10/2022 09:41:59
j-6418431-3883081.js
cdn.flashtalking.com/xre/641/6418431/3883081/js/ Frame 5035
52 KB
15 KB
Script
General
Full URL
https://cdn.flashtalking.com/xre/641/6418431/3883081/js/j-6418431-3883081.js
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/8/177894;6418431;201;jsappend;DV360;DV360FY20CCLALD2PandTWPCombineUKDSKBAN300x250/?ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9735848914219258%26output%3Dhtml%26h%3D250%26slotname%3D3497597976%26adk%3D4253229104%26adf%3D3753362141%26pi%3Dt.ma~as.3497597976%26w%3D332%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1670407375%26rafmt%3D1%26format%3D332x250%26url%3Dhttps%253A%252F%252Fgumoreska.in.ua%252F%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1670751716524%26bpp%3D1%26bdt%3D371%26idt%3D481%26shv%3Dr20221206%26mjsv%3Dm202212050101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1160x280%252C808x280%26nras%3D1%26correlator%3D527269080874%26frm%3D20%26pv%3D1%26ga_vid%3D1460323384.1670751717%26ga_sid%3D1670751717%26ga_hid%3D1600452925%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1068%26ady%3D752%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C4475&us_privacy=${US_PRIVACY}&cachebuster=622761.4402225901&ft_dv=%5B%25ft_dv%25%5D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-47.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
16fa4d77fd23aba0888f41d1ff33deec9c84c248e860dbe1db81f1ec60e11e0d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Dec 2022 09:41:59 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Nov 2022 23:06:52 GMT
Server
Flashtalking (AKA)
ETag
W/"9fb98af3448fad5581b480c125b624bf"
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
X-Varnish
840856759
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14829
Expires
Sun, 11 Dec 2022 10:01:59 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame 5035
8 KB
4 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=1828362&cmp=177894&sid=18330&plc=6418431&num=&adid=&advid=&adsrv=29&btreg=6418431&btadsrv=flashtalking&crt=3883081&crtname=&chnl=&unit=&pid=&uid=&dvtagver=6.1.src&dvp_ftimpid=47D7A980-95CD-5420-234A-9A1A214476F1&auevent=&826301168
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/641/6418431/3883081/js/j-6418431-3883081.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:6::17d5:a18f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
1a12532324261fcc9e92664b32cea31bf3a14a1128cf6a7531cc6a9ce9197cb9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Dec 2022 09:42:00 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Dec 2022 11:39:13 GMT
Server
Microsoft-IIS/10.0
ETag
"8065f8730ad91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3315
3883081.gif
cdn.flashtalking.com/xre/641/6418431/3883081/image/ Frame 5035
23 KB
24 KB
Image
General
Full URL
https://cdn.flashtalking.com/xre/641/6418431/3883081/image/3883081.gif?580301137
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3753362141&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716524&bpp=1&bdt=371&idt=481&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=r5sPA5MP8q&p=https%3A//gumoreska.in.ua&dtd=485
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-47.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
0d36b46e4fd7d76f9861ab17e0fc0da9c3352392e4229b627a7998dfe4232bca

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Dec 2022 09:42:00 GMT
Last-Modified
Mon, 07 Nov 2022 23:06:53 GMT
Server
Flashtalking (AKA)
ETag
W/"a749eda7708ba23b37e7e76a5d217830"
Content-Type
image/gif
X-Varnish
844082428
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24034
Expires
Sun, 11 Dec 2022 10:02:00 GMT
iconc.png
secure.flashtalking.com/oba/icon/ Frame 5035
1 KB
2 KB
Image
General
Full URL
https://secure.flashtalking.com/oba/icon/iconc.png?EDAA_icon=y
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3753362141&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716524&bpp=1&bdt=371&idt=481&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=r5sPA5MP8q&p=https%3A//gumoreska.in.ua&dtd=485
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-47.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Dec 2022 09:42:00 GMT
Last-Modified
Sat, 12 Apr 2014 19:14:32 GMT
Server
Flashtalking (AKA)
ETag
W/"db320ef6f3c45ab5c90887ef618de2bb"
Content-Type
image/png
X-Varnish
634152462 540972996
Cache-Control
max-age=2591271
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1308
Expires
Tue, 10 Jan 2023 09:29:51 GMT
dv-measurements3317.js
cdn.doubleverify.com/ Frame D8CA
552 KB
106 KB
Script
General
Full URL
https://cdn.doubleverify.com/dv-measurements3317.js
Requested by
Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:6::17d5:a18f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e71922ba9eed9d98158859ef8fd8c83fd817943005acddd4166cde52a04f5aa4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Dec 2022 09:42:00 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Dec 2022 09:45:11 GMT
Server
Microsoft-IIS/10.0
ETag
"80ad389920ad91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
108147
visit.js
tps.doubleverify.com/ Frame D8CA
2 KB
1 KB
Script
General
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=95&ttfrms=6&brid=3&brver=99.0.4844.51&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau8F%3E%40C6D%3C2%5D%3A%3F%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTau8F%3E%40C6D%3C2%5D%3A%3F%5DF2Tar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=0&aUrlD=0&ssl=https:&dfs=1100&ddur=48&uid=1670751720167434&jsCallback=dvCallback_1670751720167517&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3317&tgjsver=3317&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9735848914219258%26output%3Dhtml%26h%3D250%26slotname%3D3497597976%26adk%3D4253229104%26adf%3D3753362141%26pi%3Dt.ma~as.3497597976%26w%3D332%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1670407375%26rafmt%3D1%26format%3D332x250%26url%3Dhttps%253A%252F%252Fgumoreska.in.ua%252F%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1670751716524%26bpp%3D1%26bdt%3D371%26idt%3D481%26shv%3Dr20221206%26mjsv%3Dm202212050101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1160x280%252C808x280%26nras%3D1%26correlator%3D527269080874%26frm%3D20%26pv%3D1%26ga_vid%3D1460323384.1670751717%26ga_sid%3D1670751717%26ga_hid%3D1600452925%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1068%26ady%3D752%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759842%252C44778780%252C31071219%252C44774292%252C44779077%26oid%3D2%26pvsid%3D723183364295668%26tmod%3D1061978022%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3Do%257Co%257CoeE%257C%26abl%3DNS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D5%26uci%3Da!5%26fsb%3D1%26xpc%3Dr5sPA5MP8q%26p%3Dhttps%253A%2F%2Fgumoreska.in.ua%26dtd%3D485&fcifrms=7&brh=2&sdf=2&dvp_epl=250&noc=4&nav_pltfrm=Win32&ctx=1828362&cmp=177894&sid=18330&plc=6418431&crt=3883081&btreg=6418431&btadsrv=flashtalking&adsrv=29&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_ftimpid=47D7A980-95CD-5420-234A-9A1A214476F1&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=14206507358.014765&dvp_tukv=199074854726.88208&dvp_uuid=5188.104451205623&dvp_strhd=0.10000038146972656&dvpx_strhd=0.10000038146972656&dvp_tuid=470958429432&jurtd=2504386420
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3317.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
480e731df62a13cc65046e5820ca74ec0c10b3b90c587d9c9739c9658db256c9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 11 Dec 2022 09:42:00 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
close
Expires
12/10/2022 09:42:00
consumer-privacy-logo.png
secure.flashtalking.com/oba/icon/ Frame 5035
6 KB
6 KB
Image
General
Full URL
https://secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3753362141&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1670407375&rafmt=1&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670751716524&bpp=1&bdt=371&idt=481&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=527269080874&frm=20&pv=1&ga_vid=1460323384.1670751717&ga_sid=1670751717&ga_hid=1600452925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071219%2C44774292%2C44779077&oid=2&pvsid=723183364295668&tmod=1061978022&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=r5sPA5MP8q&p=https%3A//gumoreska.in.ua&dtd=485
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-47.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Dec 2022 09:42:00 GMT
Last-Modified
Thu, 11 Feb 2021 15:39:51 GMT
Server
Flashtalking (AKA)
ETag
W/"d675694ab4d4d2eb56cca854c25d9c36"
Content-Type
image/png
X-Varnish
462961954 462159034
Cache-Control
max-age=301
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5953
Expires
Sun, 11 Dec 2022 09:47:01 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5035
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsscih76VNiqgIPauw9mY484kVIxb6XTEe0AFVuyXs6s_H4x-nQ3GEEp9vc-6mJ89GllTY-hKrcRSHnEDugjVWTGhi5V6ZU7iaEiHXItWYVYgU0RPHbvx1h2HztCDotXFolM4bt_bA&sai=AMfl-YR7wZdv2huO5rZg_FTbxdLmU6VbtD_QN7H5dVDsuWDO0K3tTZiE3wLcH_DkzsC9Z7_VWyw3OCCEA0ld2F1FA6nLK78wPL4EB7HHug&sig=Cg0ArKJSzElDRBce8l73EAE&cid=CAQSKQDq26N9THkDx_iAb2xzKEToZe_7o6BFxTWQzc2blsPdY-ZAVFDDjjivGAEgEw&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=4253229104&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670751718918&rpt=572&met=ce&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 09:42:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIk7mrlaPx-wIV8iAGAB18NQrkEAAYACCutaxTQhMI_8LvlKPx-wIV5YjRBB1nPgF8;met=1;acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,168,273,641%26tos%3D0,0,2049,0,...
ade.googlesyndication.com/ddm/activity/ Frame 4971
42 B
63 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIk7mrlaPx-wIV8iAGAB18NQrkEAAYACCutaxTQhMI_8LvlKPx-wIV5YjRBB1nPgF8;met=1;acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,168,273,641%26tos%3D0,0,2049,0,0%26mtos%3D0,0,2049,2049,2049%26amtos%3D0,0,0,0,0%26mcvt%3D2049%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2218%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D42%26pst%3D209%26dur%3D15018%26vmtime%3D2225%26dtos%3D2049%26dtoss%3D1%26dvs%3D2049%26dfvs%3D0%26dvpt%3D2218%26is%3D275%26i0%3D18%26ic%3D257%26cs%3D275%26c%3D0.6%26mc%3D0.6%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D758165014%26psm%3D7%26psv%3D6%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2049;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1670751718670;ecn1=1;etm1=0;eid1=200000;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 09:42:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4971
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsui89CSmNoGVpCrzhkZdMFF6CDrsDyk-PcskL71quJULgvsJoPbJGm-Pqinu7LRgBKkyXqhHbHiG8QVkTsp62pH8_7oV-KgLz2StYWKUl8y7SX8Cfh3kh8lbzkwkxh9cSe7XpmsCg&sai=AMfl-YS1mCAmW4_8yDhSd31b8RUL1J51LkgoPA-rTyto7pVlCI-gWpHG5OFxrKdk3CEHRAJok9s4jw5prpW_h5I&sig=Cg0ArKJSzPLXZ_iBi7KSEAE&cid=CAQSGwDq26N9lERSQfsdOB4IV8wowHzEV6qveMbhjhgBIBM&id=lidarv&acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,168,273,641%26tos%3D0,0,2049,0,0%26mtos%3D0,0,2049,2049,2049%26amtos%3D0,0,0,0,0%26mcvt%3D2049%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2218%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D42%26pst%3D209%26dur%3D15018%26vmtime%3D2225%26dtos%3D2049%26dtoss%3D1%26dvs%3D2049%26dfvs%3D0%26dvpt%3D2218%26is%3D275%26i0%3D18%26ic%3D257%26cs%3D275%26c%3D0.6%26mc%3D0.6%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D758165014%26psm%3D7%26psv%3D6%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2049&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1670751718670
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 09:42:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| oncontentvisibilityautostatechange object| Wpfcll function| wpfci object| adsbygoogle object| kk_star_ratings undefined| $ function| jQuery object| h5abPrintSettings object| copyTheCode object| mPS2id_params object| ajax_var object| snowFall object| dataLayer object| CopyTheCodeToClipboard object| CopyTheCode function| loadCSS object| Pace object| AOS object| StickySidebar function| ClipboardJS object| ASL object| ASL_INSTANCES object| WPD function| _ASL_load object| _wpd_el object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager function| gtag string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| gaplugins object| gaData object| google_llp object| googletag object| GoogleGcLKhOms object| google_image_requests

20 Cookies

Domain/Path Name / Value
gumoreska.in.ua/ Name: pll_language
Value: uk
.gumoreska.in.ua/ Name: _ga_XD2CSE5HNH
Value: GS1.1.1670751716.1.0.1670751716.0.0.0
.gumoreska.in.ua/ Name: _ga
Value: GA1.3.1460323384.1670751717
.gumoreska.in.ua/ Name: _gid
Value: GA1.3.479505457.1670751717
.gumoreska.in.ua/ Name: _gat_gtag_UA_131431071_1
Value: 1
.gumoreska.in.ua/ Name: __gads
Value: ID=ae63cdd15cb40c7c-22a83747edd90025:T=1670751717:RT=1670751717:S=ALNI_Ma5ie8zFiJ4WlaDUsJaHE78_9uPug
.gumoreska.in.ua/ Name: __gpi
Value: UID=00000b90bf621f7b:T=1670751717:RT=1670751717:S=ALNI_MaKM1nDx3rKc2pKy6SVMlP1wBNj1A
.doubleclick.net/ Name: IDE
Value: AHWqTUl4TUtJTRoFy3hrE6lZRDOSl_OKZUDrrBAYObfx3Ni68Xmr-t7y_9TJWsCOgSU
.doubleclick.net/ Name: DSID
Value: NO_DATA
.adnxs.com/ Name: uuid2
Value: 5845976752553007590
.casalemedia.com/ Name: CMPS
Value: 3279
.casalemedia.com/ Name: CMPRO
Value: 3279
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E>?vZ'O(!]tbPl1M>e)ZlrFUfJ+tGXxoTa:(w_Sd`Cr<wE.XIO`PzYkl-OQ<<e6kF3?23If)y3KL9D3I?+.*+D5Z
.casalemedia.com/ Name: CMID
Value: Y5Wl550zd.7.cHCWwwuXygAA
.casalemedia.com/ Name: CMTS
Value: 3275
.blismedia.com/ Name: b
Value: 6395A5E7F4E0159A8E531196BLIS
.w55c.net/ Name: wfivefivec
Value: 2APuxwxn1P4iQn5
.analytics.yahoo.com/ Name: IDSYNC
Value: 18yx~28s9
.yahoo.com/ Name: A3
Value: d=AQABBOellWMCEHYXPkpHl_2tHxrqiz0tjn4FEgEBAQH3lmOfYwAAAAAA_eMAAA&S=AQAAAkedJm8hl9RITJcBWsWmllo
.w55c.net/ Name: matchgoogle
Value: 5

1 Console Messages

Source Level URL
Text
network error URL: https://mts0.google.com/vt/data=PaV0uldPA4PA9H_wbVcMR-Ozz-VUVOuCP0oHDYhKLPSCuC4x7elamCZBKghWldme3z-rZ041KscziF_OUHGXArqpiCuDhGRbOHpFMBYUkys9Xcs8gRfrbIaYUwNfIuQ
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
adservice.google.co.uk
adservice.google.com
bid.g.doubleclick.net
cdn.doubleverify.com
cdn.flashtalking.com
cm.g.doubleclick.net
csi.gstatic.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gumoreska.in.ua
ib.adnxs.com
imasdk.googleapis.com
mts0.google.com
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
pr-bh.ybp.yahoo.com
r3---sn-aigzrn76.c.2mdn.net
region1.google-analytics.com
rtb.openx.net
rtb0.doubleverify.com
s.ad.smaato.net
secure.adnxs.com
secure.flashtalking.com
servedby.flashtalking.com
sp-ao.shortpixel.ai
stats.g.doubleclick.net
tpc.googlesyndication.com
tps.doubleverify.com
tr.blismedia.com
ups.analytics.yahoo.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.109.57.2
142.250.186.34
142.250.186.66
184.30.20.47
185.80.39.216
185.89.210.46
185.89.211.116
2001:4860:4802:34::36
216.58.212.162
2400:52e0:1e00::864:1
2600:9000:2057:8200:1b:5138:8a40:93a1
2a00:1450:4001:806::2002
2a00:1450:4001:806::2003
2a00:1450:4001:806::2004
2a00:1450:4001:808::200a
2a00:1450:4001:809::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:811::200e
2a00:1450:4001:812::200e
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2003
2a00:1450:4001:830::2008
2a00:1450:400c:c00::9d
2a00:1450:401f:6::8
2a02:26f0:1700:6::17d5:a18f
2a05:d018:d29:3602:1fbf:d81b:be7d:8476
3.126.56.137
3.68.131.166
34.149.12.213
34.96.105.8
35.186.253.211
74.125.133.157
77.83.100.33
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
02ebc319500d29d704855de3d846bbb2479434953bb7b34f533122f432ce33bf
08db8242bf9b44b57347e2c7ae8c199cfb1811521478d6c4c17f556821c40ecb
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d36b46e4fd7d76f9861ab17e0fc0da9c3352392e4229b627a7998dfe4232bca
0fababa0752f450422ab0469e37d6df463cbefbef60ad9468f4cd09cfeb192af
101b8d837f8e01156fc293db1932eead16c29f9f16da622bfa89f394fbfd1273
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
156d97a744f4ddde25cdb765e2a19cf19b001a28646266a6b014274fbddb53ff
16fa4d77fd23aba0888f41d1ff33deec9c84c248e860dbe1db81f1ec60e11e0d
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
1a12532324261fcc9e92664b32cea31bf3a14a1128cf6a7531cc6a9ce9197cb9
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2251442b6f81a6c1139e51d7353a40ec0b7c5b9ef61a25b1c4efb34db89fc1b7
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2ba789558d6fdb01cef69bba46311da51ea2a3eb7f877c211942cdb03895eacb
2c0c291bc0981ba13c0fab388914b31ab2729ab42036ef251081077a196403f6
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3aca595dc45a87fdad669c886ec7743e4e5a6464833c769a3a37f71134880c59
3bf4a50891fb47c773ffbfef2d7d89732352eeb9155d9293caf3ea18480772ec
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
43cc4405f112007891ce897704a3c51090f06518ec5f412abdc41a6946972723
480e731df62a13cc65046e5820ca74ec0c10b3b90c587d9c9739c9658db256c9
484f4cbf849ab97e1a7199dff727372d683adbf0283e4269cb68b5c8c2f94681
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4daf15b436d0f278a422724e516b8eeb886e54046d2a576551acfe99661a708d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eeeea94d6fa339abff093e05cf09a56a23d38ae3a32fa3d5b36ef3fc430ee21
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51a63cdd90bfe46d56005e6a387e33cde6c1893ad0221dc0e5acb2cdd96e6640
54e51249021fabff65b4ca7eb728f0a56cff080a37d9b0b13d1c401d5b9e6184
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59cea53635d3457a0cd791833999a6df362118a35974a5ad8883b857105d14ce
5c933567e6f97958cf449e77d632cfe79a867f4a6bc2a2ac4338b516e3200c02
5d5cf956cf581ca2184750743dcf31ad2b112f25c52619edbeb6e70082ee8d37
608bddc1b2101e695af06613cef4d5a97e0db87567b07e0d3c7d33764a65ae5f
60f31985dd16d4e48fd9fa90a5713223b6987e79c31f8e3a7af3da81332606f8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63180e21cc11e58335a55344176bfa56b59fc79ac68c6e4d7927b559e67efcf0
6363f9b1a92d4572a3fb5e6ca22e89c595e02158167ea1046bbf5121cea25053
67ec803f11712200df40e8457e9ffba669110709706bb9745671956fd1aa9494
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c00ff82cd8f35625d8581df8775a95517e9c35db80fa9ee32939e8c5a9bf998
6f9891efe0668dfff831ea8baa6a2426055cd2256f99c45225249dd9cd3a2595
7125d9ee95d8ca2e8db7315a85132ae66d804a8a4a9d18ca44347a640bb22f9c
81df21fcc66b8e4831acb9e212c62bcd0b8bf78b9623060341afa261d5aa354b
838df6a7fecee1b171bf2042fda0fc74ee94872026a2eadede826118fb67dc5f
85ce8217076eba220dc50fcde420be5ea67b9e22dbd497cb888c42ff2b0a87c4
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7
8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234
94d1ed14e42ee322a443eea04c4d0202432ce8ecdce00cbcae0787dd82567d49
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0186818c195f3b34f967ec0bf2b8b75fa5fefe6c5e2bd5a60c6e841d3b4d17d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5672a662dfa3a55b18c96975c5b9d2c9ef7d8e52bb39d723c7d3f4ff80b9932
a60235fbe15445f631b705069503b3eb66d2472b75a04eed0f66eb5fc2c29bc8
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a9bf9b8510762a4462ecbe13c2a10fafcd88832fd7b60517af761d77f9a7433a
af7d93949e8ddbc38c12a902b848ad043428d414fca686c6cc51184a3d3df1ce
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bbfba9ecde14a323dfdf4f304b68ca3e9db35a8025a5859b49abfde256becc69
be6c8541a7e3af01c32560e688cb5a402a4cfcd67a1d04651174f8c1bf6b44bc
bed6cef3a2a83b0bfc42310907aa856549a86c15b7f3103d936c3d436bdd0655
c00cce67a6ce76987f2dc7b4584192cf2e725370c8cde2ee101f0b0ba38b89aa
c2da1bde386dc1e71e6f0cf3ddcce6650ba703109c5194f52c991f48755ad806
c6dd7cfac78e9dc0ef9c8dcff934637869725bff49d632c04aac3cd18819be13
cd9216308f7433d319f912cfc029861f0176f0d0af13c57338d291f757fb01de
ce3e333617066f73ecc101d0aaa0036d5a99baf632780f66cb58f2694b7e964d
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
d70c2766b7c42f0b2418b6ea551262fb3750ec117c5183e02a388c2bb6a34b4d
dde8a46ba01d610e0a710cda75ad9a7ebec4a108c9955d7f738a676d88f54c3e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dff6a61c6c3c85556ba8f1b078d9b93109caeb8622c4b9d99c50eaf3044d68d3
e2e3784be51fb92ad57192255ff8915e110000c2ebd64b27c6264ba45a3143f5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e71922ba9eed9d98158859ef8fd8c83fd817943005acddd4166cde52a04f5aa4
ef05e88d8ccd136d251eee454e77e13acd5f7abe821e12f4e0558e6ed2858786
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025
f92b1327919cd58a1a223e4d17e518c6a6a411f3c3451ead3d0724c21ceeecc5
fab05395cd77c17416e710d1b923dac538b46ea6ab488c627eb2b5d183a046a5
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48