www.capital.ua Open in urlscan Pro
2606:4700:3037::ac43:9389 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://capital.ua/
Effective URL:
https://www.capital.ua/
Submission: On October 19 via api (October 19th 2022, 8:23:44 am UTC) from GB — Scanned from GB

Summary HTTP 192 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 44 IPs in 10 countries across 30 domains to perform 192 HTTP transactions. The main IP is 2606:4700:3037::ac43:9389, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.capital.ua.
TLS certificate: Issued by E1 on October 2nd 2022. Valid for: 3 months.

This is the only time www.capital.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 28	2606:4700:303... 2606:4700:3037::ac43:9389	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	45.133.44.3 45.133.44.3	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
6 15	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
2	104.18.19.39 104.18.19.39	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	217.16.18.207 217.16.18.207	25532 (MASTERHOS...) (MASTERHOST-AS Moscow)
2	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a02:6ea0:c70... 2a02:6ea0:c700::19	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a00:1450:400... 2a00:1450:400c:c0b::9a	15169 (GOOGLE) (GOOGLE)
1 3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1 1	193.239.68.97 193.239.68.97	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
1	193.239.71.100 193.239.71.100	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
5	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
7	67.202.105.33 67.202.105.33	32748 (STEADFAST) (STEADFAST)
2	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
6	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	67.202.105.31 67.202.105.31	32748 (STEADFAST) (STEADFAST)
4	2a02:26f0:350... 2a02:26f0:3500:58b::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	52.208.57.60 52.208.57.60	16509 (AMAZON-02) (AMAZON-02)
2 4	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
11	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
4 8	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 4	185.83.142.19 185.83.142.19	29990 (ASN-APPNEX) (ASN-APPNEX)
4	34.149.12.213 34.149.12.213	15169 (GOOGLE) (GOOGLE)
2	2600:9000:245... 2600:9000:2451:f400:8:455e:4a00:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:249... 2600:9000:2491:8e00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a05:d01c:1d8... 2a05:d01c:1d8:8101:cfdc:31d9:d343:7a95	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
16	2600:1f18:1ac... 2600:1f18:1aca:4280:a871:9680:529f:f9f1	14618 (AMAZON-AES) (AMAZON-AES)
192	44

28 2606:4700:3037::ac43:9389 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

capital.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.capital.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

cdn.gravitec.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 216.58.212.162 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.19.39 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

tcr.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sc.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.16.18.207 (Russian Federation)

ASN25532 (MASTERHOST-AS Moscow, Russia, RU)

content.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

id.gravitec.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.68.97 (Ukraine) 1 redirects

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net

c.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.71.100 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: rs.img.com.ua

i.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 67.202.105.33 (United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.31 (United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:58b::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.208.57.60 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-57-60.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.153 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.80.39.216 (Canada) 4 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.83.142.19 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbc-eu3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2451:f400:8:455e:4a00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.besafe.global	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2491:8e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.19.126 (Shahr, Iran, Islamic Republic Of) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d01c:1d8:8101:cfdc:31d9:d343:7a95 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2600:1f18:1aca:4280:a871:9680:529f:f9f1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	googlesyndication.com 1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 147	145 KB
28	capital.ua 1 redirects capital.ua www.capital.ua	535 KB
24	adsafeprotected.com pixel.adsafeprotected.com — Cisco Umbrella Rank: 620 static.adsafeprotected.com — Cisco Umbrella Rank: 594 dt.adsafeprotected.com — Cisco Umbrella Rank: 546	195 KB
23	doubleclick.net 6 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 84 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188 cm.g.doubleclick.net — Cisco Umbrella Rank: 215	206 KB
15	google.com apis.google.com — Cisco Umbrella Rank: 112 www.google.com — Cisco Umbrella Rank: 2 accounts.google.com — Cisco Umbrella Rank: 83 adservice.google.com — Cisco Umbrella Rank: 78	223 KB
10	casalemedia.com 6 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 542 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 439	8 KB
10	tynt.com tcr.tynt.com — Cisco Umbrella Rank: 104281 sc.tynt.com — Cisco Umbrella Rank: 11882 ic.tynt.com — Cisco Umbrella Rank: 5320 de.tynt.com — Cisco Umbrella Rank: 1517	18 KB
8	adnxs.com 4 redirects secure.adnxs.com — Cisco Umbrella Rank: 438 ib.adnxs.com — Cisco Umbrella Rank: 232	8 KB
8	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 482 rtb0.doubleverify.com — Cisco Umbrella Rank: 703 rtbc-eu3.doubleverify.com — Cisco Umbrella Rank: 15777	43 KB
8	gravitec.net cdn.gravitec.net — Cisco Umbrella Rank: 21653 id.gravitec.net — Cisco Umbrella Rank: 138722	57 KB
7	youtube.com www.youtube.com — Cisco Umbrella Rank: 96	127 KB
6	gstatic.com ssl.gstatic.com	6 KB
6	twitter.com platform.twitter.com — Cisco Umbrella Rank: 731 syndication.twitter.com — Cisco Umbrella Rank: 1061	152 KB
3	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 107	215 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	91 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 193	120 KB
2	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1565	593 B
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 347	919 B
2	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 671	207 B
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 1521	486 B
2	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 729	927 B
2	besafe.global cdn.besafe.global — Cisco Umbrella Rank: 13109	27 KB
2	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 3174 adservice.google.co.uk — Cisco Umbrella Rank: 5147	1 KB
2	bigmir.net 1 redirects c.bigmir.net — Cisco Umbrella Rank: 160126 i.bigmir.net — Cisco Umbrella Rank: 350946	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	20 KB
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 987	356 B
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 231	2 KB
1	adriver.ru content.adriver.ru — Cisco Umbrella Rank: 37280	5 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 131	17 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
192	30

	Domain	Requested by
27	www.capital.ua	www.capital.ua
16	dt.adsafeprotected.com	www.capital.ua
14	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net 1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com
14	pagead2.googlesyndication.com	1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
11	tpc.googlesyndication.com	1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	apis.google.com	www.capital.ua apis.google.com www.youtube.com accounts.google.com
7	ic.tynt.com	www.capital.ua
7	www.youtube.com	apis.google.com www.youtube.com
7	cdn.gravitec.net	www.capital.ua cdn.gravitec.net
6	ssl.gstatic.com	accounts.google.com www.capital.ua
5	googleads.g.doubleclick.net	www.googleadservices.com 1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com www.capital.ua
4	static.adsafeprotected.com	pixel.adsafeprotected.com 1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com
4	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
4	secure.adnxs.com	2 redirects 1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com
4	pixel.adsafeprotected.com	1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com www.capital.ua
4	cdn.doubleverify.com	1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com cdn.doubleverify.com
4	www.google.com	www.capital.ua 1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com tpc.googlesyndication.com
4	platform.twitter.com	www.capital.ua platform.twitter.com
3	1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
3	www.facebook.com	1 redirects www.capital.ua connect.facebook.net
3	connect.facebook.net	www.capital.ua connect.facebook.net
3	www.googletagservices.com	www.capital.ua 1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com
2	ag.innovid.com	1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com
2	ssum-sec.casalemedia.com	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	image6.pubmatic.com	1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com
2	rtb.openx.net	1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com
2	cms.quantserve.com	1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com
2	cdn.besafe.global	1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com cdn.doubleverify.com
2	rtbc-eu3.doubleverify.com	cdn.doubleverify.com
2	rtb0.doubleverify.com	cdn.doubleverify.com
2	syndication.twitter.com	platform.twitter.com www.capital.ua
2	accounts.google.com	apis.google.com www.capital.ua
2	www.google-analytics.com	www.capital.ua
1	odr.mookie1.com	1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com
1	de.tynt.com	tcr.tynt.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.co.uk	securepubads.g.doubleclick.net
1	sc.tynt.com	tcr.tynt.com
1	yt3.ggpht.com	www.youtube.com
1	www.google.co.uk	www.capital.ua
1	i.bigmir.net	www.capital.ua
1	c.bigmir.net	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	id.gravitec.net	cdn.gravitec.net
1	content.adriver.ru	www.capital.ua
1	tcr.tynt.com	www.capital.ua
1	www.googleadservices.com	www.capital.ua
1	capital.ua	1 redirects
0	googlecm.hit.gemius.pl Failed	1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com
192	52

This site contains links to these domains. Also see Links.

Domain
www.bigmir.net

Subject Issuer	Validity	Valid
*.capital.ua E1	`2022-10-02` - `2022-12-31`	3 months	crt.sh
*.gravitec.net AlphaSSL CA - SHA256 - G2	`2022-03-22` - `2023-04-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-07` - `2023-09-30`	a year	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-04-05` - `2023-04-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-28` - `2022-10-26`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-01` - `2023-10-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-12-23` - `2022-12-23`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
cdn.besafe.global Amazon	`2022-05-26` - `2023-06-24`	a year	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2022-04-10` - `2023-05-08`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://www.capital.ua/
Frame ID: 5609A2CD51B02DD735BCF1D23D91A2C7
Requests: 78 HTTP requests in this frame

Frame: https://id.gravitec.net/
Frame ID: 7871D00696983206D6ACC5AA480D0973
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCjB5yhfBlkWetOYNmjD-GHw&layout=full&count=default&origin=https%3A%2F%2Fwww.capital.ua&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
Frame ID: A22F9DE3A754AEDD1D4B17F80B748B34
Requests: 6 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fwww.capital.ua
Frame ID: B9F0CE1A5470D8C5AA06DCC68B962E19
Requests: 2 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.capital.ua&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
Frame ID: 39277DFE304DBD9700476A4DD1112F73
Requests: 5 HTTP requests in this frame

Frame: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0450D0E5A33E54F35AC664DB1D8F326D
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCjB5yhfBlkWetOYNmjD-GHw&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
Frame ID: 9CB2EB86BED42E12F2EEAF945A41ED1B
Requests: 4 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.7dae38096d06923d683a2a807172322a.ru.html
Frame ID: C07C9CA9638B428ADDE688D0DE6999A7
Requests: 2 HTTP requests in this frame

Frame: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F57C389360A781DEE1CDDB480B6FEB91
Requests: 27 HTTP requests in this frame

Frame: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BBE23B353CB532189BAF5A3112251473
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCA3fC1Axjx-KnVATAB&v=APEucNUJhiLTPIqJGJN-0g8oZFfiFyKQK2PVLiAOfOnD8xebdRmPfXpfhI_KattNkoh1CKOlGbgVlS5o9l59UfVAJOlFzuSWBA24C3VNXDhimkEiwgANY7IY93fGOt9yB2DtpifPfEdQnZHHdd0E9dCFRmPMZbNiDCXVY-U9VY_8j9hDoBGCi4Q
Frame ID: 5D6763966B3E5A441486A8D07F8AB7DA
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCA3fC1Axjx-KnVATAB&v=APEucNWM9m7KrOwdpZJ-gELL2bu8KTdgEIIfhqEIK_7fv9lsr8OHUz2QK4G8OcHqdXnxGKGHkjxl6yLNVwjbOfbjOBj0TYQ2KguSLwO0bp_gLWGD5trw60NfemSpm2Zs8Pv6JUtVgiuRR16oNev-7xszkiem9h-cW0bws6il6A_lqk19lUw7SIU
Frame ID: 3F162C684FBD230149E9065C12953222
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 21FB5EFCF6C1D2829D2A9AAF72D14820
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 81B993AD16B30C4B2894969D5D17B8D5
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CBCDF7384127725F580EC258AD0C54A2
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6623924DEB61FD5F49C941257199F413
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: EC81A61F509D99BB4E669885BAD8201C
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D349712125128014%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Dfba6ab1840e08%2526domain%253Dwww.capital.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.capital.ua%25252Ff121bba1047f688%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fcapitalukraine%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dtrue
Frame ID: DBBBFFEE9819B42CBB7CAC24B509D293
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 451C373D4A28BFF8482E4DCE2D8161C3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2E697FA565AF163428CA6A75439665F8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 97E841F5033A9A7159D743A5A8750A74
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Капитал

Page URL History Show full URLs

http://capital.ua/ HTTP 301
https://www.capital.ua/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

AdRiver (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:adriver\.core\.\d\.js|https?://(?:content|ad|masterh\d)\.adriver\.ru/)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Page Statistics

192
Requests

92 %
HTTPS

59 %
IPv6

30
Domains

52
Subdomains

44
IPs

10
Countries

2001 kB
Transfer

5426 kB
Size

18
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bigmir.net/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://capital.ua/ HTTP 301
https://www.capital.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://c.bigmir.net/?v16931254&s16932857&t3&c1&n918803&w0&y0&d24&r1600 HTTP 302
https://i.bigmir.net/cnt/03.png

Request Chain 97

https://secure.adnxs.com/seg?add=31654010%2C31654010&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31654010%252C31654010%26t%3D2

Request Chain 107

https://secure.adnxs.com/seg?add=31654010%2C31654010&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31654010%252C31654010%26t%3D2

Request Chain 114

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRkCOVyrj9nIH9pBXquPDo&google_cver=1

Request Chain 115

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y0.0DMsXXDxYwh0x9VY2sgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRkCOVyrj9nIH9pBXquPDo&google_cver=1&google_hm=2

Request Chain 116

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEG5iFrKH4qSNxYIW0uh6e-s&google_cver=1

Request Chain 117

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTAyNjM2MDc5NzA3MTM2MDc3Ng%3D%3D

Request Chain 118

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRkCOVyrj9nIH9pBXquPDo&google_cver=1

Request Chain 119

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y0.0DMsXXDxYwh0x9VY2sgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRkCOVyrj9nIH9pBXquPDo&google_cver=1&google_hm=2

Request Chain 120

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEG5iFrKH4qSNxYIW0uh6e-s&google_cver=1

Request Chain 121

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTAyNjM2MDc5NzA3MTM2MDc3Ng%3D%3D

Request Chain 145

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIlJap-rn8iXuDfKTjY9Tn8&google_cver=1&google_push=AZmPxg-U8PdcUKtoXs_1c5KvRI3xvfhrRH4wmzuLJ4tsRnWK-sryzQoVSKBKPjyp4RMP9uzcfergGj5OUK7yRWKgq4Yj0yDLFe0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlGREFVVlktMU8tR0RIVQ==&google_push=AZmPxg-U8PdcUKtoXs_1c5KvRI3xvfhrRH4wmzuLJ4tsRnWK-sryzQoVSKBKPjyp4RMP9uzcfergGj5OUK7yRWKgq4Yj0yDLFe0

Request Chain 146

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPTNepUc0QT6dkWrDGClOD0&google_cver=1&google_push=AZmPxg8H1DtqE2bz-SSeSCe0fTXjDFijWVoFE4ntj_01TN8PeYVSz7oyUQEVGAU4UmnoCkwBJSUNxJfsfwnpWGy4sP7-yar4E34 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPTNepUc0QT6dkWrDGClOD0&google_hm=Y0-0DMsXXDxYwh0x9VY2sgAADRkAAAAB&google_nid=index&google_push=AZmPxg8H1DtqE2bz-SSeSCe0fTXjDFijWVoFE4ntj_01TN8PeYVSz7oyUQEVGAU4UmnoCkwBJSUNxJfsfwnpWGy4sP7-yar4E34

Request Chain 154

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIlJap-rn8iXuDfKTjY9Tn8&google_cver=1&google_push=AZmPxg9n4fFBQqAvNysmF0HfS28JZpbdam0PIfu0bBX-3iBCm0CI3_CeICUauzxjYPEHEsG8Aqlv4sGnMHv2zw_XCqC8wSXphHaODA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlGREFVVlktVS0ySEk=&google_push=AZmPxg9n4fFBQqAvNysmF0HfS28JZpbdam0PIfu0bBX-3iBCm0CI3_CeICUauzxjYPEHEsG8Aqlv4sGnMHv2zw_XCqC8wSXphHaODA

Request Chain 155

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPTNepUc0QT6dkWrDGClOD0&google_cver=1&google_push=AZmPxg8E8LWvwvc2AQ1Jd0Mc-NR-jVEOl-YDNh0l2TmWztHdI_PsIdJfD2hbsav-HL2qWC1oyifwE7VRbc55GVktwbdCm2RTNfVHxg HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPTNepUc0QT6dkWrDGClOD0&google_hm=Y0-0DMsXXDxYwh0x9VY2sgAADRkAAAAB&google_nid=index&google_push=AZmPxg8E8LWvwvc2AQ1Jd0Mc-NR-jVEOl-YDNh0l2TmWztHdI_PsIdJfD2hbsav-HL2qWC1oyifwE7VRbc55GVktwbdCm2RTNfVHxg

Request Chain 166

https://www.facebook.com/v2.3/plugins/page.php?adapt_container_width=true&app_id=349712125128014&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfba6ab1840e08%26domain%3Dwww.capital.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.capital.ua%252Ff121bba1047f688%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fcapitalukraine&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=true HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D349712125128014%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Dfba6ab1840e08%2526domain%253Dwww.capital.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.capital.ua%25252Ff121bba1047f688%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fcapitalukraine%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dtrue

192 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.capital.ua/
Redirect Chain

http://capital.ua/
https://www.capital.ua/

41 KB
9 KB

139ms
62ms

Document
text/html

2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.capital.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16883eb473f914e95231a8883dcd923f38fcdecf577ee067a0199c398573d9d7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 75c81ce22be67744-LHR
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 19 Oct 2022 08:23:38 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YJs%2BOs71WmP77KXxp7P84aNPQykSFT7eGHWWD0e2CL%2FEZbpUXzMQHpkzdnOnq%2Ba1gcsDC9oclN5wTx3AF0ztUEhsDlm8YxKMpzGr3zKobx7DMF2QtJVyGBBJYdtD05Esh82eFf9CJvvx23t3wg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 75c81ce13e4a7535-LHR
Connection: keep-alive
Content-Type: text/html
Date: Wed, 19 Oct 2022 08:23:38 GMT
Location: https://www.capital.ua/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2F0MuvU%2BmVDcIqwbolPUjhuzqq74DouIxWH7h3LX39l%2FEqh1euM2Q8Arm7%2BONCvQ%2F2HNmPv4hxPCsILAQZLgw2HIhlK%2B%2FUUCdpNY5%2BFKhtWaSvaos7iATE0UQQTQYFrUokl8t%2BDu87kv"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 client.js Show response
cdn.gravitec.net/storage/bd0e7e8a17ae45c7c333dec9004ef332/ 64 KB
18 KB 126ms
54ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/storage/bd0e7e8a17ae45c7c333dec9004ef332/client.js
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: f72c00b15f5e8de9e6d3b0ce7cb5844461b95b80b2765684e8251674898602e7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Wed, 02 Feb 2022 09:54:36 GMT
date: Wed, 19 Oct 2022 08:23:38 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 09:05:51 GMT
server: nginx
etag: W/"61fa496f-100fb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
x-proxy-cache: REVALIDATED

GET
H2 200 optimized.css
www.capital.ua/assets/ 126 KB
23 KB 44ms
42ms Stylesheet
text/css 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.capital.ua/assets/optimized.css?1554978132
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f9260505cb5526e66a90f881f03937ac90713ccd18b2e8ff87d1675b388aea8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:23:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Apr 2019 10:22:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 54083
etag: W/"5caf1554-1f799"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2F%2FJDP4TJCNcbrwmrdh6LWhCSK1gGn%2B%2F9VkQQ45c6e%2BFTA6%2B2R%2F6RwLR2iA9mDaZQHsTjnIdUHbqrADk0waeql7CakZXUO96a0348AzLz82wstL%2BTDBlC8yedK6Aur830CP704Xyy%2BDx6uAidw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 75c81ce29d2d7744-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 18 Oct 2022 21:14:48 GMT

GET
H2 200 optimized.js Show response
www.capital.ua/assets/ 510 KB
150 KB 57ms
56ms Script
application/javascript 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.capital.ua/assets/optimized.js?1554978132
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db54105fde6a0d05b0128e79b9cb1f62c03f6b1ad56f2f3d4c276b502b89e58a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:23:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Apr 2019 10:22:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 54083
etag: W/"5caf1554-7f692"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fygb5%2BHdvhgqfPd%2Blv1kvlo%2BrJsSediAgcr8jwkkh088wx3jjpH00vTVLuWmX%2FR%2FZ%2BWCv26GmR3NNyZ%2FfUzSgUvBfApDi6y%2Fu9jWCiRveALGZsE0nRCdW6z8qQAw6Zdpp%2FQYxH1l370xeqzadA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 75c81ce29d337744-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Oct 2022 07:29:34 GMT

GET
H2 200 adriver.core.2.js Show response
www.capital.ua/js/ 6 KB
2 KB 86ms
85ms Script
application/javascript 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.capital.ua/js/adriver.core.2.js
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b510daf4a269c50ee4669c06f25d6b141676acfd21d3faa9663a19e96ac2cf01

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:23:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 18 Jul 2018 13:00:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5b4f39f7-1719"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OV9OfCJ3eivp9SOEYZMj1kNEhHINEygOXN%2FVOPD5iKgdYnjQkllrqhD3MvsS6KE6UgIZ1x0HQMcX%2F3wL1mtpKbAFT8Ua8zVos9Vzuhw1blTRZPZmUX%2F9DZqz%2BPSx%2BdvihF8j2QOezSRaA0LSjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 75c81ce29d377744-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Oct 2022 18:48:35 GMT

GET
H2 200 highstock.js Show response
www.capital.ua/js/highstock/ 167 KB
63 KB 87ms
86ms Script
application/javascript 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.capital.ua/js/highstock/highstock.js
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 350bced20d8c9ed3eccbc0b344aad8e292f6eef92752334683228761a257ac0f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:23:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 18 Jul 2018 13:00:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 54083
etag: W/"5b4f39f7-29ce4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oq4yRekxkNiOuMt8HkhrEUSY7aNTjj5rf%2BFZVIBbPmT5d1Yu40pQTbWa%2FA4Xs%2BOEPDejZW6%2BBqbmb%2BzAC9VVDR%2BgfohuDXXQhtZxE6JonuByii5kiN36B9qFT2x1k09IZm0P0qIHYG4cQg9KTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 75c81ce29d397744-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Oct 2022 15:51:30 GMT

GET
H2 200 highstock_options.js Show response
www.capital.ua/js/highstock/ 632 B
664 B 47ms
46ms Script
application/javascript 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.capital.ua/js/highstock/highstock_options.js
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a5cf1105d60aeb4bd2e6420554aecd6321e547a557a60adaefa03a482bdb1c5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:23:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 18 Jul 2018 13:00:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 54083
etag: W/"5b4f39f7-278"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a9q%2BMsLB7XlxN1YohGba%2BMbyupUNlVLpJJpdVB1Xs9nLC6wyMS6cJG3R%2BUOR6ShKDWkBJk5qr7l7AY5b3kq%2BGLkBHXiLZpCVfwC0sd7MZvCeu%2BZruR0gJLqViVWuW6ymrjdUrJhekgk%2BK0p3bA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 75c81ce29d3c7744-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 18 Oct 2022 18:45:32 GMT

GET
H2 200 exporting.js Show response
www.capital.ua/js/highstock/modules/ 7 KB
3 KB 46ms
45ms Script
application/javascript 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.capital.ua/js/highstock/modules/exporting.js
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d32f16a8513989400a9e3311f0c1cd68bcada10f0b280c4349a8e067e144abf2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:23:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 18 Jul 2018 13:00:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 54083
etag: W/"5b4f39f7-1bb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=exCtY3XgSTchvlhaUqLIsFmnjmAjSmniTnULE%2Fk3QZ5EcxhrRyUlk80Z7%2B8rR7SKbklEsTFjGZWWU%2Fi1AnT8ohI68lEMwkLxfdRfBIn3jCHqWWmfWwu9tBDaJlkJbLdhaOh8T2K5aiMaKSTuew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 75c81ce29d3e7744-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 18 Oct 2022 18:16:24 GMT

GET
H2 200 charts.js Show response
www.capital.ua/js/highstock/ 2 KB
1 KB 44ms
43ms Script
application/javascript 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.capital.ua/js/highstock/charts.js
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6247f7daed995cfb08f37d0007fad0cb1d63ef1b2de5cecf9c0ab86d85a5d65a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:23:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 18 Jul 2018 13:00:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 54083
etag: W/"5b4f39f7-9e4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FWroPfN4cInK4RcW%2FWfLjkahTT7wIYu8qFe4yNSAQ8y4WHUbBgCUOvOGZIyo1e1uxcW%2BynYKKa035t6MM8%2FNQ0nUfd%2Fso2xZ2W3Y9lUFOsw4z44RctM0CPdKRvWofpkQCSnu5GJI0XlmM0fZqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 75c81ce29d407744-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 18 Oct 2022 18:45:32 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
28 KB 165ms
49ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.capital.ua
URL: https://www.capital.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5444b06473882633b03435c4a2d8311af94223f4a428d13648c70f1bba62fc65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:23:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27614
x-xss-protection: 0
server: sffe
etag: "1368 / 845 of 1000 / last-modified: 1666130728"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 19 Oct 2022 08:23:38 GMT

GET
H2 200 press_release_counter.php Show response
www.capital.ua/ 0
486 B 87ms
86ms Script
application/x-javascript 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.capital.ua/press_release_counter.php
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:38 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5cuOcAzp1oRk3XseR54gecyHhm88Kl08GaEHvcrKnHMSfAQsfYnOqlD7JV6wwzM43DMkhy01PNsW61ebs8c8h5uhrld2B24ZUprH7ZSEJpx8F%2B%2FOOYB2T9Mk%2FETnZv4qf1L55MMogipOFC7ffA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 75c81ce29d497744-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 logo.png
www.capital.ua/images/ 6 KB
7 KB 108ms
104ms Image
image/png 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.capital.ua/images/logo.png
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6022b9877bec4a03206412f11da47ccd5529399b152f41b9c7f0f3a0368e32f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:23:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43237
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6497
last-modified: Wed, 18 Jul 2018 13:00:39 GMT
server: cloudflare
etag: "5b4f39f7-1961"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LOXUmNcOgk3eaxx8dUsSa7nM8uUxqxC%2BpF37oeQULi3UiYvfgQhLRGjU%2Fhx1%2Bijf8feEDItwi2g6ur8OczZZMy%2B7GfUKLW1rax2C3XpBZNhfhF0OSPKck1TN9fbu2y9fztnms%2BUoIO2YJ%2FVkHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 75c81ce38f164065-LHR
expires: Wed, 19 Oct 2022 18:51:32 GMT

GET
H3 200 e6cd6960111b8278452598a5e263d7ecae691979.jpg
www.capital.ua/uploads/news/2022/08/30/ 11 KB
11 KB 39ms
36ms Image
image/jpeg 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.capital.ua/uploads/news/2022/08/30/e6cd6960111b8278452598a5e263d7ecae691979.jpg
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0cf09bd9f43169d5c8293631fc8c1a507f227a1ccd0f688d68e1334d5fcef8f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:23:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43237
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10877
last-modified: Tue, 30 Aug 2022 14:30:21 GMT
server: cloudflare
etag: "630e1efd-2a7d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d3%2FtzgJo5ThRuo%2Fg83fqm9sBvHgZfTmvBqsBFSiOHiEnTgCZn1C28J2LV%2BiHVw3e%2FV8hSoeVSgUtE6MME2tnw1b4NtmGeuvtOPuzaAEqJbzlsT2o12%2FpGoIPCd%2FwRsxp8UWkGj1mvsQO7pYT0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 75c81ce38f184065-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 0a972646f4fa63e0de69f5ae6257a75affe5aba1.jpg
www.capital.ua/uploads/news/2022/09/22/ 8 KB
9 KB 110ms
107ms Image
image/jpeg 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.capital.ua/uploads/news/2022/09/22/0a972646f4fa63e0de69f5ae6257a75affe5aba1.jpg
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ae76b693c9ae3d90eb97c87446852889c49a979eb8014e97cf9c3a9dcb8a3ed

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:23:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43237
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8180
last-modified: Thu, 22 Sep 2022 11:47:30 GMT
server: cloudflare
etag: "632c4b52-1ff4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pbTRy0091r84cOhxVXxd8mbX%2BlZgu3q3%2BHzTrvIO7%2B4THMRhAmDipgEEkJPppFhMhGzlPqvdWcFP6Pb2BXZCJvcB9TpOP1pYYx9RvqewsU0Qzu1FmDSm3LfxZz2uziH5JTmt9UWZpzEP8vDK%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 75c81ce38f194065-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 1-2 Show response
www.capital.ua/ru/banner/1/ 258 B
605 B 81ms
81ms Script
application/x-javascript 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.capital.ua/ru/banner/1/1-2?t=1666167810
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40b39ecfb0a69c9b8b145596dc63355850353298908699a12b44cb343285d18c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:23:38 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ENUWxhIynrKCT07Pxmo4YsR56epl%2Fya35DAwCC7oKpgOAxjgcIHDyW6u8%2FSNU6U7CjJVipP0tg8j8AUKR0qqdn3yOhIp7oL%2FW3ETb%2Bfxlij57K2nAD3scKWPks8IWYh4vSlBr7tRC8IoF%2Fu6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cf-ray: 75c81ce36ef14065-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 platform.js Show response
apis.google.com/js/ 52 KB
21 KB 165ms
48ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: www.capital.ua
URL: https://www.capital.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0da425eaadbec3853cae0b85493ea7ad6934972097b4f59d2a05dbb130585444

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 19 Oct 2022 08:23:38 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20361
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "40c22a9ccbd70870"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Oct 2022 08:23:38 GMT

GET
H3 200 capital_small.png
www.capital.ua/images/ 19 KB
19 KB 115ms
112ms Image
image/png 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.capital.ua/images/capital_small.png
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 071e2b1d9a2b097b02637097cf21b804874be907bb233c0d2da7ac9e60dc7d95

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:23:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43237
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19208
last-modified: Wed, 18 Jul 2018 13:00:39 GMT
server: cloudflare
etag: "5b4f39f7-4b08"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pgRxq4caKno0kITbxcJccExdeOYACYX%2B1uT5V%2FxYIhjorWAXHHaS4NcBflbLZFjtACTRoVlYbDOvU89x9NdmoAseorXUfs8UMWZ8F0uhcQlB3geIo3276omKP3i4VidpTmEVmFqkGYzq%2Fbdinw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 75c81ce38f1a4065-LHR
expires: Wed, 19 Oct 2022 18:51:33 GMT

GET
H3 200 ftico.gif
www.capital.ua/images/ 1 KB
2 KB 129ms
126ms Image
image/gif 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.capital.ua/images/ftico.gif
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c22238b94a54738b7abd0a017c2aa6a4edba9f4c18cf6192a6953bd753c07a9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:23:38 GMT
cf-cache-status: HIT
last-modified: Wed, 18 Jul 2018 13:00:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5b4f39f7-5a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U4YwNayA5uabNJIIEixk49i4IecpoJtbqdKGD8d1mZneVLaDo7lTJVKB%2FlEBfxLoxfz9lT%2FfE8OQJxkKfdCFhGP6Z9BwQdzwWD7DAvlEKwRETX%2F0egxf4q9oQwjnNSigFH8wHrstO7Cdg1PZHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 75c81ce38f1b4065-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1447
expires: Wed, 19 Oct 2022 18:51:33 GMT

GET
H3 200 adv_ico.gif
www.capital.ua/images/ 2 KB
3 KB 135ms
132ms Image
image/gif 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.capital.ua/images/adv_ico.gif
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 511a0d1515cd71096dd0a3043120145478906f49a659403c4863820559499fc5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:23:38 GMT
cf-cache-status: HIT
last-modified: Wed, 18 Jul 2018 13:00:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5b4f39f7-8d8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Egj%2FEAlDCt2lKwC4soj3%2BmUwYivBbBxH0Jeh2h%2Bqe4EjZsIzWtlm78pBDBcYSTA4%2FRKAxCZDW%2BeWzwzcVCH9fjico4IKHIF6T9cPe28L%2FILxDa771ey%2BmrWDMa5wdbMZLz2lQYkXPmoEAgU1Cw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 75c81ce38f1c4065-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2264
expires: Wed, 19 Oct 2022 18:51:33 GMT

GET
H3 200 email-decode.min.js Show response
www.capital.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 36ms
33ms Script
application/javascript 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.capital.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.capital.ua
URL: https://www.capital.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:23:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 Oct 2022 13:38:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"634571bd-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x1WIo7ZujL3ijzlTkfiIZfqDI3NF7m%2BAo8Onb5dV2ZGcHCfGRUJHoIxwTiJ7lVVv9ROeVOepoZx3NFBa42KXZrQzL%2BMDvdqVogsPS6%2FzTcrh8INh6ve13mDlcAUS8hCC8l1kojdJ5LLHQlndhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 75c81ce38f144065-LHR
expires: Fri, 21 Oct 2022 08:23:38 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 45 KB
17 KB 179ms
63ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.capital.ua
URL: https://www.capital.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

44f327eeeb995eabd2810452b355ca82979280a4d7def1bd980d3897e6999af6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:23:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16840
x-xss-protection: 0
server: cafe
etag: 11313833467736987248
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 19 Oct 2022 08:23:38 GMT

GET
H2 200 ti.js Show response
tcr.tynt.com/ 45 KB
16 KB 424ms
50ms Script
application/javascript 104.18.19.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tcr.tynt.com/ti.js
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.39 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4917a5290466244353dc49caa11b14916816e7523850ff103fabb5484222e0a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:23:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 21 Jul 2022 14:57:10 GMT
server: cloudflare
age: 235062
etag: W/"62d96946-b4ff"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 75c81ce5d8ba7478-LHR
expires: Sat, 22 Oct 2022 08:23:39 GMT

GET
H3 200 print.css
www.capital.ua/css/ 6 KB
2 KB 67ms
65ms Stylesheet
text/css 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.capital.ua/css/print.css
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e7284d318cd4fe11463345aacc2c056edde135c6c7e6f52a74bfcbd4b0a005b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:23:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 18 Jul 2018 13:00:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5b4f39f7-1826"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5vXN0n4jOVPsMMgQRQULqJFvPYgV0XQ%2Bp8aV4XyqdezSScvJoY1q0hbaJDyX7HWSqQcVBlxSM5W%2FpgEhF8Klr06Vpt%2BeXD5uFz4dn1rDmrn%2FHTxlN1UmY9cePh01Dz0VWwyG2pWHnLT7qKhWig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 75c81ce38f1e4065-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Oct 2022 20:08:24 GMT

GET
H2 200 autoUpdate.adriver.js Show response
content.adriver.ru/plugins/ 5 KB
5 KB 253ms
80ms Script
application/x-javascript 217.16.18.207
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to

Full URL: https://content.adriver.ru/plugins/autoUpdate.adriver.js
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/js/adriver.core.2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.16.18.207 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 141f4ece65bc087908202669708c340e43c6a45c3d3be773e0cade65cb01e910

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:23:38 GMT
last-modified: Tue, 18 Oct 2022 10:33:31 GMT
server: nginx
etag: "634e80fb-1455"
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
content-length: 5205
expires: Wed, 19 Oct 2022 09:23:38 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 99ms
31ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.capital.ua
URL: https://www.capital.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 19 Oct 2022 06:58:34 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5104
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 19 Oct 2022 08:58:34 GMT

GET
H2 200 fbds.js Show response
connect.facebook.net/en_US/ 4 KB
2 KB 126ms
42ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbds.js

Requested by

Host: www.capital.ua
URL: https://www.capital.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

43e0114a5f3917cb974acfccdafcf8e447a5147257e1bfd765c64ec4a62345e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 19 Oct 2022 08:23:38 GMT
content-md5: iuEcfxvA5vHDx2XHVt7Qkg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2166
x-fb-rlafr: 0
x-fb-debug: dbkYrhsPSv/XRU4cLeM0NqtqVmSGFY0F/GGZ+bACAwigZ2vn1p0n1+Ou1+hMpp+bjrFP5OYviFsPIHS8m0A8Yg==
x-fb-trip-id: 917726464
x-fb-content-md5: d0eb0d89c3462fbff107120f48212e7f
cross-origin-opener-policy: same-origin-allow-popups
etag: "1439ea4bcb7930223cda14416bf40346"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 19 Oct 2022 08:40:50 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 125ms
41ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.capital.ua
URL: https://www.capital.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c833bd99884dc5216eba53b552c0c800dfe5c5f6694891fc8e6f42f782fb2ad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 19 Oct 2022 08:23:38 GMT
content-md5: Rp0Z5YvNa7xjM4e9h1O4CQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: hwd9rT8xT3wgzev5ecrbxg8RlaIi+W+R3Z9g324noyMJjBVTz4W9F0p4SExVplpKTMIeYzBcp5+8vrb5Xn6Adg==
x-fb-trip-id: 917726464
x-fb-content-md5: 1cc9e9c4c73561424d1cbec04e9b14a9
cross-origin-opener-policy: same-origin-allow-popups
etag: "ddb359e98e87d026ed0b815ffde86853"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
priority: u=3,i
expires: Wed, 19 Oct 2022 08:32:47 GMT

GET
H3 200 pattern.jpg
www.capital.ua/images/ 5 KB
5 KB 96ms
95ms Image
image/jpeg 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.capital.ua/images/pattern.jpg
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/assets/optimized.css?1554978132
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be66554323059a0abbfa9f331f06186ebc979027fe2c85f15ee79e4aa593b8b2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/assets/optimized.css?1554978132
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:23:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43237
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4820
last-modified: Wed, 18 Jul 2018 13:00:39 GMT
server: cloudflare
etag: "5b4f39f7-12d4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QT4AXkXdXMd%2BiorGoz1vi1YtMyiVY8Q4K%2FhJStSxFdfQmHVYBNKPxDpqaNIn3iIKioNiwopfINss%2BVWxVco0k78hdLMOG7mgAGRIrVLkxXHBmSaip2EmSpU89QMWyCUVwJLk1ZKhSRKZRoNrgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 75c81ce38f204065-LHR
expires: Tue, 18 Oct 2022 21:00:04 GMT

GET
H3 200 apps_tabs.png
www.capital.ua/images/ 5 KB
5 KB 129ms
128ms Image
image/png 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.capital.ua/images/apps_tabs.png
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/assets/optimized.css?1554978132
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d75dc75cb106de2457bd8b4c6ec3bfcb6956ec5a71ae1d63bd3c04bca50d0c04

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/assets/optimized.css?1554978132
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:23:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43237
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4624
last-modified: Wed, 18 Jul 2018 13:00:39 GMT
server: cloudflare
etag: "5b4f39f7-1210"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u1L8aJZxfjSPcivifnRIde4DjBLOpjZlanqUNfkwYZrJQHUDSeHSiLzEGGliBlRqu49bs6jXbAf69EgDJpOWng5rSngLcWuDwLeqHZeCcFjprck0fMWawusk02%2BYen5FnEDQ2L%2BlTAJxHGxPog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 75c81ce38f214065-LHR
expires: Tue, 18 Oct 2022 21:00:04 GMT

GET
H3 200 header_shadow.png
www.capital.ua/images/ 1019 B
1 KB 130ms
127ms Image
image/png 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.capital.ua/images/header_shadow.png
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/assets/optimized.css?1554978132
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 631c272f7f88a030ed11f904ab44f1015e8a2a04fe5a75af36dc0a098f29ca49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/assets/optimized.css?1554978132
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:23:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43237
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1019
last-modified: Wed, 18 Jul 2018 13:00:39 GMT
server: cloudflare
etag: "5b4f39f7-3fb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oIzrZ7i1wxlcPOiA6S2hFlOS4IIg6w2i%2FkSAjQ%2FIzhHcPMvgISzsXslly9VPUWu9W53zjUrp1yt00CNd9Pu67jF%2FvALCFRsJJqKnFMhJAdkeSt7c7k6VVwmysxRUsxIF8l57z0ummH1CcQET1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 75c81ce38f224065-LHR
expires: Wed, 19 Oct 2022 05:51:25 GMT

GET
H3 200 src_ico.gif
www.capital.ua/images/ 1 KB
2 KB 129ms
128ms Image
image/gif 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.capital.ua/images/src_ico.gif
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/assets/optimized.css?1554978132
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d3c04e9e7e6154c1ca2e831613a83c093486264c3f1e0353b3d0fb9e23129f9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/assets/optimized.css?1554978132
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:23:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43237
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1259
last-modified: Wed, 18 Jul 2018 13:00:39 GMT
server: cloudflare
etag: "5b4f39f7-4eb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hmwnKQJZrrQ1idA1huMyunmnXRsMuaFCGdjm3EecGN%2FgeJ3RhNXkjy9udpaq5yJK%2BQ0mBq3ajCvO428HhzvKG5lqeQgo%2Fp0HoI0hv4RfAUJiQxcjvnS07ftk1V86i9R7WZbl8jxKP2Ta8xrFNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 75c81ce38f234065-LHR
expires: Tue, 18 Oct 2022 21:00:04 GMT

GET
H3 200 ico.png
www.capital.ua/images/ 5 KB
5 KB 130ms
128ms Image
image/png 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.capital.ua/images/ico.png
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/assets/optimized.css?1554978132
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1ddc44e3081c49237803054c042aaecc07bb19cd5881c1f331e7a1da9aa1ede

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/assets/optimized.css?1554978132
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:23:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43237
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4767
last-modified: Wed, 18 Jul 2018 13:00:39 GMT
server: cloudflare
etag: "5b4f39f7-129f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zk8wulFtzYRWCQC7nnsqg2RJ0r86EXo4Q5nfzZL5Y%2FymC7S4PGtSWr3XOtxDPaTpfLEoUelanr%2FihtVzH0y7LxZ%2FBklKBKWKtFhzOnorqF35hl93NdE3aakZwjS624zHDGXn8tfK1fNwmgXBhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 75c81ce38f244065-LHR
expires: Tue, 18 Oct 2022 21:00:04 GMT

GET
H3 200 capital_subscribe.png
www.capital.ua/images/ 75 KB
76 KB 131ms
130ms Image
image/png 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.capital.ua/images/capital_subscribe.png
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/assets/optimized.css?1554978132
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b83f16828bd83d0d23827633f90ff31b26ce65269772607912ae09f6c69ec9f2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/assets/optimized.css?1554978132
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:23:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43237
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76828
last-modified: Wed, 18 Jul 2018 13:00:39 GMT
server: cloudflare
etag: "5b4f39f7-12c1c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vBc1EMfluYGDYaKtKdJ0eYNn3AQOc7LmDGulsfRu8X%2FPVZ8lS%2BoZgxs%2FDdKyN%2FsS6EkDbyBVC%2B9Fo%2FY%2FGg5O3sJPsgAXYEJGAERrl17PfuyLSISzuuW2WO0lGbO93y1ixw4jWrNgBLCd3C3nQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 75c81ce38f264065-LHR
expires: Wed, 19 Oct 2022 18:51:33 GMT

GET
H3 200 line_sep.gif
www.capital.ua/images/ 1 KB
2 KB 158ms
157ms Image
image/gif 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.capital.ua/images/line_sep.gif
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/assets/optimized.css?1554978132
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bca3d7095cfd66495e1ab002c3f29c473e8937598bb6587c9837b08eaa586e6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/assets/optimized.css?1554978132
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:23:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43237
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1096
last-modified: Wed, 18 Jul 2018 13:00:39 GMT
server: cloudflare
etag: "5b4f39f7-448"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hjKdukOhcKJpJgAT8K6gZYLMyYrHxapp3r7h5%2BnXRAPFIjCMjxJF8j2AyTYQECAf3TUWbrCKgskTjlFNvSMTZjYjHJ92yS1Zv%2FJD7WU3Za2DwGFak0RC7qBJHSGyEfhClyJxrtjOm5mVjGefuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 75c81ce38f284065-LHR
expires: Wed, 19 Oct 2022 18:51:33 GMT

GET
H3 200 MoreWebPro-Bold.woff
www.capital.ua/font/ 66 KB
67 KB 66ms
66ms Font
application/font-woff 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.capital.ua/font/MoreWebPro-Bold.woff
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/assets/optimized.css?1554978132
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a0204474934112a6a39bedafb7614a689d6fec65a7423fa57fe5fd58369c6ac

Request headers

Referer: https://www.capital.ua/assets/optimized.css?1554978132
Origin: https://www.capital.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:23:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 18 Jul 2018 13:00:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 43237
etag: W/"5b4f39f7-107cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KzCrIaQJbkNU3xDHNACEUYMkhgKPhU2dZwXfVnGh7vDgAlZRbo%2F8XvGoUTq7%2FtsmTm3FRIVjfmP5dSYx6cOR6TzT9YREc2113rd311nyacoUkkZMGgHPjFbn65e9em3lubobDGK8Z9e7L8DNXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=86400
cf-ray: 75c81ce38f294065-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Oct 2022 06:16:45 GMT

GET
H2 200 configs Show response
cdn.gravitec.net/sdk/web/ 2 KB
1 KB 97ms
41ms Fetch
application/json 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/sdk/web/configs?appKey=bd0e7e8a17ae45c7c333dec9004ef332
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/bd0e7e8a17ae45c7c333dec9004ef332/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: ae9f8b2245fd6258201abe84a8d5f0800b0c96bbd5525cee109e4ca89741ebed

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:23:38 GMT
x-correlation-id: 3d9059198d3d435d515a1a06b7bf5ed3
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-proxy-cache: MISS

GET
H2 200 / Show response
id.gravitec.net/ Frame 7871 621 B
699 B 145ms
42ms Document
text/html 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://id.gravitec.net/
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/bd0e7e8a17ae45c7c333dec9004ef332/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9d1cb86ec27e86dfdefab39206fb510070d00b81d91f11ddc6720e3c62629d32

Request headers

Referer: https://www.capital.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=315360000 public
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 19 Oct 2022 08:23:39 GMT
etag: W/"5e9485b6-26d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 13 Apr 2020 15:31:02 GMT
pragma: public
server: CDN77-Turbo
x-77-cache: HIT
x-77-nzt: AcO1qhE056f/itWlAA
x-77-nzt-ray: d77y8O3+QYY
x-77-pop: frankfurtDE
x-accel-expires: @1970659713
x-age: 10868106
x-cache: HIT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
438 B 103ms
35ms XHR
text/plain 2a00:1450:400c:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-41262090-1&cid=922424976.1666167819&jid=2042479541&gjid=341495565&_gid=1275323833.1666167819&_u=IGBAgAABAAAAAEAAI~&z=520124646

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.capital.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 19 Oct 2022 08:23:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.capital.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 94ms
29ms Image
image/gif 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1804777762&t=pageview&_s=1&dl=https%3A%2F%2Fwww.capital.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9A%D0%B0%D0%BF%D0%B8%D1%82%D0%B0%D0%BB&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgAABAAAAAAAAI~&jid=2042479541&gjid=341495565&cid=922424976.1666167819&tid=UA-41262090-1&_gid=1275323833.1666167819&z=1252755310

Requested by

Host: www.capital.ua
URL: https://www.capital.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 00:09:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 29624
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 305 KB
86 KB 83ms
40ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=7e422b2ecbd22513179166f78c9b31a5

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

309171b26fdad31d0e64c028d8dff55761e9b7c3cb25a71abdf4507619115226

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.capital.ua/
Origin: https://www.capital.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 19 Oct 2022 08:23:38 GMT
content-md5: 13Ypqg5B4b+dtz3RXeDgXQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88366
x-fb-rlafr: 0
x-fb-debug: igJ1gCMvccA2LrBHJeXvuYp+S9B4i5tzPIlTfe7bPe2sEVoWLVXj8Zts9OjW2LnHfhmMwodlN+GUHGcwioIb8Q==
x-fb-content-md5: 29b4044f77551ea9d8820dfc420b43df
cross-origin-opener-policy: same-origin-allow-popups
etag: "16a96ff19d832649a2b1b3c44214939b"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 19 Oct 2023 05:03:21 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 122ms
40ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=667122436675876&ev=PixelInitialized&dl=https%3A%2F%2Fwww.capital.ua%2F&rl=&if=false&ts=1666167818939

Requested by

Host: www.capital.ua
URL: https://www.capital.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 19 Oct 2022 08:23:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 212ms
51ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BBF) /
Resource Hash: 9bd8dcc115a0e9fce94520cecad5254352b86d55bca2506833057bb52e87ee1a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 19 Oct 2022 08:23:39 GMT
Content-Encoding: gzip
Age: 166
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 29223
Last-Modified: Wed, 28 Sep 2022 20:05:37 GMT
Server: ECS (amb/6BBF)
Etag: "f26384f93da6974ed577808dfa1fede5+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800

GET
H2

200

03.png
i.bigmir.net/cnt/
Redirect Chain

https://c.bigmir.net/?v16931254&s16932857&t3&c1&n918803&w0&y0&d24&r1600
https://i.bigmir.net/cnt/03.png

723 B
897 B

263ms
68ms

Image
image/png

193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/03.png
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H2
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: d0b3404fceb6bbd79a99ea6d8241b1b29ac1ffb3c7d97bfc1b873b49c0ad6a09

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:23:39 GMT
last-modified: Sun, 02 Oct 2005 23:04:59 GMT
server: nginx
etag: "4340679b-2d3"
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
content-length: 723
expires: Sat, 22 Oct 2022 08:23:39 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 19 Oct 2022 08:23:39 GMT
Server: nginx
Transfer-Encoding: chunked
Location: //i.bigmir.net/cnt/03.png
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/974279079/ 2 KB
2 KB 143ms
55ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/974279079/?random=1666167818982&cv=9&fst=1666167818982&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.capital.ua%2F&tiba=%D0%9A%D0%B0%D0%BF%D0%B8%D1%82%D0%B0%D0%BB&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e01358e148e7ff07b30c68688be48742e180a2b3875024d53084cc187365a4e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1007
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 newspaper_factory.png
www.capital.ua/images/ 65 KB
65 KB 38ms
38ms Image
image/png 2606:4700:3037::ac43:9389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.capital.ua/images/newspaper_factory.png
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/assets/optimized.css?1554978132
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13026dbf242c233de9ee074af44fb00562d9ceb94cd6cfa95dfbf192b40f1f56

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/assets/optimized.css?1554978132
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:23:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43238
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 66513
last-modified: Wed, 18 Jul 2018 13:00:39 GMT
server: cloudflare
etag: "5b4f39f7-103d1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TJYFjDjkzGiU1Oq7wNrY04%2B2%2B42nWUzesgoAvN9DokxBNm2cZBBHj0wj9Guw0%2FaedPCY3iLEGoUpiuihfW11oPvBuxaDJuhgiht8zNAciq78F6JEsEpKs%2FHFZznBLrviGGjNXPedS0DWSypA0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 75c81ce4b8a04065-LHR
expires: Tue, 18 Oct 2022 22:35:44 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/ 123 KB
43 KB 128ms
45ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96aec8c9f7981a987d0bacb3de756545e59a163f7fc94c47eea050b2f06316dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 14:11:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 411105
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43528
x-xss-protection: 0
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Oct 2023 14:11:54 GMT

GET
H3 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/ 120 KB
41 KB 122ms
41ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f08af001134142200d0ef8e41ecb0f6f8d91951208c13f9e207e78d8f928b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 12:40:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 416618
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41753
x-xss-protection: 0
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Oct 2023 12:40:01 GMT

GET
H2 200 subscribe_embed Show response
www.youtube.com/ Frame A22F 3 KB
2 KB 160ms
72ms Document
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCjB5yhfBlkWetOYNmjD-GHw&layout=full&count=default&origin=https%3A%2F%2Fwww.capital.ua&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1aed11cb5536154644e73c874b28d26fa48d32e56d1c9298a409372c1cb4f576

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.capital.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Wed, 19 Oct 2022 08:23:39 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl_2022101301.js Show response
securepubads.g.doubleclick.net/gpt/ 380 KB
129 KB 129ms
41ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1af2148d7bd5e2a0c9ddc1c5b9ff072996852f4f11ebc19695ba4ee08ddb9c4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:15:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131264
x-xss-protection: 0
last-modified: Thu, 13 Oct 2022 15:30:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 19 Oct 2023 08:15:13 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 90 B
723 B 135ms
48ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.capital.ua

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbfedbec8c19e0e93646a74d2a83346d563db2821b2f0ae2c0bb5e43989612cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:23:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87
x-xss-protection: 0
expires: Wed, 19 Oct 2022 08:23:39 GMT

GET
H2 200 0.bundle.js Show response
cdn.gravitec.net/modules/ 9 KB
4 KB 30ms
29ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/modules/0.bundle.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/bd0e7e8a17ae45c7c333dec9004ef332/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0a91fbed903c7ee569d116adee58d579d0c64775a469ee86d3cc4281f913bda1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Wed, 02 Feb 2022 09:06:29 GMT
date: Wed, 19 Oct 2022 08:23:39 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: W/"61fa486f-2550"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
x-proxy-cache: HIT

GET
H2 200 1.bundle.js Show response
cdn.gravitec.net/modules/ 32 KB
8 KB 33ms
33ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/modules/1.bundle.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/bd0e7e8a17ae45c7c333dec9004ef332/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 23b89bb3578573b474d7a69e2df32e8f0ee7839a44392edb040e4117a07ce6fa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Wed, 02 Feb 2022 09:06:29 GMT
date: Wed, 19 Oct 2022 08:23:39 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: W/"61fa486f-8092"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
x-proxy-cache: HIT

GET
H2 200 /
www.google.com/pagead/1p-user-list/974279079/ 42 B
548 B 245ms
57ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/974279079/?random=1666167818982&cv=9&fst=1666166400000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.capital.ua%2F&tiba=%D0%9A%D0%B0%D0%BF%D0%B8%D1%82%D0%B0%D0%BB&fmt=3&is_vtc=1&random=4058175322&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.capital.ua
URL: https://www.capital.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.co.uk/pagead/1p-user-list/974279079/ 42 B
548 B 239ms
52ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/974279079/?random=1666167818982&cv=9&fst=1666166400000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.capital.ua%2F&tiba=%D0%9A%D0%B0%D0%BF%D0%B8%D1%82%D0%B0%D0%BB&fmt=3&is_vtc=1&random=4058175322&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.capital.ua
URL: https://www.capital.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 www-subscribe-embed_split_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame A22F 38 KB
6 KB 121ms
40ms Stylesheet
text/css 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCjB5yhfBlkWetOYNmjD-GHw&layout=full&count=default&origin=https%3A%2F%2Fwww.capital.ua&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCjB5yhfBlkWetOYNmjD-GHw&layout=full&count=default&origin=https%3A%2F%2Fwww.capital.ua&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 10:36:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 510416
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6066
x-xss-protection: 0
last-modified: Wed, 18 Nov 2020 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 13 Oct 2023 10:36:43 GMT

GET
H2 200 AMLnZu8pOJHsEl7LmdDr4k4y_Yp5y0neF9Mnh-TlzVEd=s48-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame A22F 1 KB
2 KB 176ms
40ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu8pOJHsEl7LmdDr4k4y_Yp5y0neF9Mnh-TlzVEd=s48-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

75aaec4b62fba6c84cb3c62422aaf9ac5daa12d8f6682f2e332d2a6ab24592d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 04:43:05 GMT
x-content-type-options: nosniff
age: 13234
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1188
x-xss-protection: 0
server: fife
etag: "v52"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 30 Jul 2022 11:55:35 GMT

GET
H3 200 www-subscribe-embed_v0.js Show response
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame A22F 252 KB
72 KB 126ms
46ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCjB5yhfBlkWetOYNmjD-GHw&layout=full&count=default&origin=https%3A%2F%2Fwww.capital.ua&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 01:02:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 458442
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73785
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 21:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 14 Oct 2023 01:02:57 GMT

GET
H/1.1 200
OK widget_iframe.7dae38096d06923d683a2a807172322a.html Show response
platform.twitter.com/widgets/ Frame B9F0 320 KB
104 KB 46ms
46ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fwww.capital.ua
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B8C) /
Resource Hash: 8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer: https://www.capital.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 40679
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105445
Content-Type: text/html; charset=utf-8
Date: Wed, 19 Oct 2022 08:23:39 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 28 Sep 2022 20:04:27 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6B8C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame 3927 566 B
903 B 178ms
88ms Document
text/html 2a00:1450:4001:831::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.capital.ua&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_1?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8277e5ee4b5cb9dc4ab09d5704dba84190bfde4f1f4931d1162081c915ac303b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lJJjOz0sJJv4llNlu3RPaw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.capital.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-lJJjOz0sJJv4llNlu3RPaw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
content-type: text/html; charset=utf-8
date: Wed, 19 Oct 2022 08:23:39 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aY8v7MplSr47tmacwqm_6l.js Show response
sc.tynt.com/script/sc/ 72 B
451 B 67ms
47ms Script
text/javascript 104.18.19.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sc.tynt.com/script/sc/aY8v7MplSr47tmacwqm_6l.js

Requested by

Host: tcr.tynt.com
URL: https://tcr.tynt.com/ti.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.19.39 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cedd780f76a420cb35b50a5a67dd45a38504ea9d5cb8f659f0539a4b19c3c8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:23:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 67374
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: ebc1b77a-5cb9-41b1-843c-c2cbfb02ca29
x-runtime: 0.002486
x-content-digest: b60c39066cc74a425a897c870ec8ff2f30b9e758
last-modified: Mon, 17 Oct 2022 14:04:38 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=86400, public, s-maxage=172800
cf-ray: 75c81ce669917478-LHR
x-rack-cache: fresh
expires: Tue, 18 Oct 2022 22:38:02 GMT

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 139ms
52ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=www.capital.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:23:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 136ms
49ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.capital.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:23:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 167 KB
49 KB 994ms
914ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2506732229346338&correlator=1232613337567292&eid=31068498&output=ldjh&gdfp_req=1&vrg=2022101301&ptt=17&impl=fifs&iu_parts=79855315%2Cpremium-300-250%2Cpremium-botton-300-250%2Carticle-botton%2Cpromo-933-46&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=300x250%2C300x250%2C468x60%2C933x46&ifi=1&adks=2673231228%2C465682209%2C1085093868%2C2660635015&sfv=1-0-38&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1666167819293&lmt=1666167819&dlt=1666167818636&idt=633&adxs=1124%2C1124%2C-9%2C176&adys=328%2C667%2C-9%2C313&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C-1%7C0&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.capital.ua%2F&frm=20&vis=1&psz=300x265%7C300x265%7C0x-1%7C932x46&msz=300x-1%7C300x-1%7C0x-1%7C932x-1&fws=0%2C0%2C2%2C0&ohw=0%2C0%2C0%2C0&ga_vid=922424976.1666167819&ga_sid=1666167819&ga_hid=1804777762&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd2d5121b311ae2773521cad6644392e12a6153a096c4a05d9a6934ecd92b12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:23:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50420
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.capital.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0450 6 KB
4 KB 173ms
47ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.capital.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 08:23:39 GMT
expires: Thu, 19 Oct 2023 08:23:39 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 738ms
115ms Image
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=aY8v7MplSr47tmacwqm_6l&lm=0&ts=1666167819301&dn=TI&iso=0&t=%D0%9A%D0%B0%D0%BF%D0%B8%D1%82%D0%B0%D0%BB
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Wed, 19 Oct 2022 08:23:39 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3 200 subscribe_button_branded_lozenge.png
www.youtube.com/s/subscriptions/subscribe_embed/img/ Frame A22F 156 B
179 B 52ms
52ms Image
image/png 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/img/subscribe_button_branded_lozenge.png

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 11:08:06 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Sep 2020 20:15:00 GMT
server: sffe
age: 76533
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 156
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 18 Oct 2023 11:08:06 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/ Frame A22F 128 KB
42 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47858e4fa55e26f84c8025d699232106abfc921232a6f02edc556e59ce3a855b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 00:06:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 461802
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42573
x-xss-protection: 0
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Oct 2023 00:06:57 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame B9F0 851 B
676 B 237ms
146ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=dd3c376b3d90934adb4175c7e10f9d89891c08bf

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fwww.capital.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

45bc75820c2292bf64b74af20b9785c4a053608816b7d0c05bdc968e8e9de805

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 104
date: Wed, 19 Oct 2022 08:23:39 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Wed, 19 Oct 2022 08:23:39 GMT
server: tsa_f
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: ed68c675394a01df
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 9e3cd02d94743423f0d3c20e7c3aa78c0abd8f211b2b0320e8ac6a967e1943d2
content-length: 355

GET
H3 200 cb=gapi.loaded_2 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/ 28 KB
9 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_2?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7659dc6c77000ec4b6745b5e6af107bd30ad9a0e92bfc0e406d5209ede488608

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 02:37:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 452775
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9430
x-xss-protection: 0
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Oct 2023 02:37:24 GMT

POST
H3 204 cspreport
accounts.google.com/o/ Frame 3927 0
20 B 171ms
88ms Other
text/html 2a00:1450:4001:831::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/cspreport

Requested by

Host: www.capital.ua
URL: https://www.capital.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PzSDLZrhD8uDMKLQBXZ1kA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.capital.ua&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:39 GMT
content-security-policy: script-src 'report-sample' 'nonce-PzSDLZrhD8uDMKLQBXZ1kA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1832714284-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame 3927 10 KB
5 KB 128ms
41ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.capital.ua&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 11:57:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 419174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4294
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 14:07:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Oct 2023 11:57:25 GMT

GET
H3 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame 3927 14 KB
5 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae8ca9667580cbfae698d922360d33e82dc3a0b93736bd3b41392e2036a50c17

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 19 Oct 2022 08:23:39 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5576
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "57666e60922e2537"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Oct 2022 08:23:39 GMT

GET
H3 200 subscribe_embed Show response
www.youtube.com/ Frame 9CB2 601 B
290 B 79ms
79ms Document
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCjB5yhfBlkWetOYNmjD-GHw&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8aaafe790719485f7f4955653757b9a3d8b22cd6d97f42b8a2ac3f7a63f58ccf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.capital.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Wed, 19 Oct 2022 08:23:39 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 border_3.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
101 B 112ms
44ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/border_3.gif

Requested by

Host: www.capital.ua
URL: https://www.capital.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:59:49 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 48230
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 18 Oct 2023 18:59:49 GMT

GET
H2 200 spacer.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
140 B 111ms
44ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/spacer.gif

Requested by

Host: www.capital.ua
URL: https://www.capital.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 18:59:49 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 48230
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 18 Oct 2023 18:59:49 GMT

GET
H2 200 bubbleSprite_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 318 B
408 B 110ms
44ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleSprite_3.png

Requested by

Host: www.capital.ua
URL: https://www.capital.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 05:32:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 10261
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 318
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 19 Oct 2023 05:32:38 GMT

GET
H2 200 bubbleDropR_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 116 B
205 B 109ms
43ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropR_3.png

Requested by

Host: www.capital.ua
URL: https://www.capital.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 20:12:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 43845
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 18 Oct 2023 20:12:54 GMT

GET
H2 200 bubbleDropB_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 117 B
406 B 108ms
42ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropB_3.png

Requested by

Host: www.capital.ua
URL: https://www.capital.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 16:04:39 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 577140
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 12 Oct 2023 16:04:39 GMT

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
260 B 613ms
114ms Script
application/javascript 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=aY8v7MplSr47tmacwqm_6l&dn=TI&cc=1&r=
Requested by: Host: tcr.tynt.com
URL: https://tcr.tynt.com/ti.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date: Wed, 19 Oct 2022 08:23:39 GMT
cache-control: max-age=86400
content-type: application/javascript
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-length: 4
expires: Thu, 20 Oct 2022 08:23:40 GMT

GET
H3 200 www-subscribe-embed-card_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame 9CB2 9 KB
2 KB 41ms
41ms Stylesheet
text/css 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed-card_v0.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCjB5yhfBlkWetOYNmjD-GHw&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCjB5yhfBlkWetOYNmjD-GHw&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 03:44:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 448740
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2447
x-xss-protection: 0
last-modified: Wed, 25 Nov 2020 01:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 14 Oct 2023 03:44:39 GMT

GET
H3 200 www-subscribe-embed-card_v0.js Show response
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame 9CB2 149 KB
44 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCjB5yhfBlkWetOYNmjD-GHw&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 02:45:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 452262
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44975
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 21:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 14 Oct 2023 02:45:57 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/ Frame 3927 53 KB
19 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98280a2e473b4c77505ccd09e2d3a336448fe7742694869634aaa872956727df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 13:29:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 500078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19063
x-xss-protection: 0
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 13 Oct 2023 13:29:01 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/ Frame 9CB2 128 KB
42 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47858e4fa55e26f84c8025d699232106abfc921232a6f02edc556e59ce3a855b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 00:06:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 461802
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42573
x-xss-protection: 0
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Oct 2023 00:06:57 GMT

GET
H/1.1 200
OK button.d2f864f87f544dc0c11d7d712a191c1f.js Show response
platform.twitter.com/js/ 7 KB
3 KB 59ms
59ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.d2f864f87f544dc0c11d7d712a191c1f.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BBF) /
Resource Hash: 236dca679b9983d1fbea0415d584b17d80f1c6942506fc508a5384db924e8795

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 19 Oct 2022 08:23:39 GMT
Content-Encoding: gzip
Age: 40678
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 2362
Last-Modified: Wed, 28 Sep 2022 20:04:20 GMT
Server: ECS (amb/6BBF)
Etag: "7bb2d17ac20be3bd6ec1079356afecd9+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK follow_button.7dae38096d06923d683a2a807172322a.ru.html Show response
platform.twitter.com/widgets/ Frame C07C 41 KB
16 KB 59ms
59ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/follow_button.7dae38096d06923d683a2a807172322a.ru.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BBF) /
Resource Hash: 7c94c9af82fd4dc9f46f53f948932829c6d17982e61625a5aa8ccd9339ee35aa

Request headers

Referer: https://www.capital.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 40633
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 15492
Content-Type: text/html; charset=utf-8
Date: Wed, 19 Oct 2022 08:23:39 GMT
Etag: "597d46a67724d61e51ae6b66d19a4dbd+gzip"
Last-Modified: Wed, 28 Sep 2022 20:04:23 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6BBF)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
104 B 149ms
148ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.capital.ua%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22ru%22%2C%22message%22%3A%22l%3Awithcount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1666167819742%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%221c23387b1f70c%3A1664388199485%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=dd3c376b3d90934adb4175c7e10f9d89891c08bf

Requested by

Host: www.capital.ua
URL: https://www.capital.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 106
date: Wed, 19 Oct 2022 08:23:39 GMT
strict-transport-security: max-age=631138519
last-modified: Wed, 19 Oct 2022 08:23:39 GMT
server: tsa_f
vary: Origin
content-type: image/gif
x-transaction-id: e916445df814a334
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: 9e3cd02d94743423f0d3c20e7c3aa78c0abd8f211b2b0320e8ac6a967e1943d2
content-length: 43

GET
DATA 200
OK truncated
/ Frame C07C 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 116ms
115ms Image
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=aY8v7MplSr47tmacwqm_6l&lm=0&ts=1666167819301&dn=TI&iso=0&t=%D0%9A%D0%B0%D0%BF%D0%B8%D1%82%D0%B0%D0%BB
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Wed, 19 Oct 2022 08:23:40 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 116ms
115ms Image
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=aY8v7MplSr47tmacwqm_6l&lm=0&ts=1666167819301&dn=TI&iso=0&t=%D0%9A%D0%B0%D0%BF%D0%B8%D1%82%D0%B0%D0%BB
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Wed, 19 Oct 2022 08:23:40 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 117ms
116ms Image
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=aY8v7MplSr47tmacwqm_6l&lm=0&ts=1666167819301&dn=TI&iso=0
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Wed, 19 Oct 2022 08:23:40 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3 200 container.html Show response
1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F57C 6 KB
3 KB 129ms
44ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.capital.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 08:23:39 GMT
expires: Thu, 19 Oct 2023 08:23:39 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BBE2 6 KB
3 KB 110ms
41ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.capital.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 08:23:39 GMT
expires: Thu, 19 Oct 2023 08:23:39 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 116ms
115ms Image
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=aY8v7MplSr47tmacwqm_6l&lm=0&ts=1666167819301&dn=TI&iso=0
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Wed, 19 Oct 2022 08:23:40 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5D67 624 B
297 B 146ms
52ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCA3fC1Axjx-KnVATAB&v=APEucNUJhiLTPIqJGJN-0g8oZFfiFyKQK2PVLiAOfOnD8xebdRmPfXpfhI_KattNkoh1CKOlGbgVlS5o9l59UfVAJOlFzuSWBA24C3VNXDhimkEiwgANY7IY93fGOt9yB2DtpifPfEdQnZHHdd0E9dCFRmPMZbNiDCXVY-U9VY_8j9hDoBGCi4Q

Requested by

Host: 1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com
URL: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 08:23:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame BBE2 15 KB
11 KB 166ms
75ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D26nD0la-TK-eRre9_BzldbMvHGNifuy9y0GHQzgifYg0zXu7KCXRbbSaMyd11YHuQBloVdREf43BE3NHiaq9bLlFy3fj8JZ4NYK6BaOuup91v36ukc0uIqsaxwwTarj6I5UB6J1cT2SR_7fD4UKUja9lwssyBlbJyRbZ1RbZu0vB2kE4&cry=1&dbm_d=AKAmf-BHTdzULpjssR3T9PYXcBpxmSLo20DPtpH3Imgh-EL2L0i1A68fgOOXwXfR8PGWZlRxQunlCUyyYVa-QKSFg_wy-UIok9JhZ-KHzA2EWv0r8y7y0G82zHWNL1lE2-kaCXjmvVFrSA5Pssk6pku2mNsmGA4E9LN9KA898EfV7QmD4mWE4caAFonoyPnxBjUk4hSZSw5XMTFncFIZu8VhaOQ9dh6n-5PVjofV_5o3aGvoYsBD57n_xAjQAs-y4wkMoMMCwGBoxZjor9gIkykvVmOEcM1gz_suZXjwc7jHKwRDLA2E7ugOk2dzyt0KGkE7xU9HzTMR9LcsxT0bfUaP-z59wLIijR9tVsQV4MNvXpLgphRe1bW-CmMoG7kra4asZbcWJR8Rl9pnKlofgyrl4Mn4p-ycUziX8CkCRWKW6eU962wS_SU-F4s6V_itSM2XH9-JYm7ZaXmWbWYRsZ-d636ne38LPgdLee9jIl7R7ZMOS2F7PnsFpzC-cQrz3_t1w_SG0URM8VL1YJIHELJq0IQCL2kIjnLle7p1SsagiofxhqNlwb1bGaUGthj1E6nGsQEeEvI-IqJFW-Rjs12ieyStQv3e2ldVsa0HV4A4BYZnw4n56i6u2wtqfn61Joq0ES9tCdutmrvFpHt2va6XNgmglAzS0LCifNwMMQw9wHgnaeP3YNoe3KWIuvm8x4uacT72_Kq1hHKVl2qaxPNmlw8wknh-01tYQIrRbSQdR5t93VlldAJHTitwP9g6vr2HZT2GXi9yYSTZ4PI09Ir-CKQJ7tZGS4Ac3ra3SLot52XSLObX0ANXgH9BGY2N0DtWhxTQ2MMA7O0ETSbXmYfNUe7AGsoXW-YI89TjsahVrabU3SiO1SYJtMV0xf_R1Rx1QK4sxtebtM0FCIfsEDGLkaiccGO3FOoCa9TpDMoNtoKoOjEuUlp_N5Hq5e1jHvkbVN2svKrZbAzhFy_O3Y64_APYIACcpkdpQBSZm3bWStsWUvrf5Vz4LOdHkn9o-S2OIw9Z03Ct0Y5QZ-z5UCyl2YQoRqS96c29OKMoUUn1Z0WVEU8CqHXbdYm_TuTGcO8ueLtpnBZzu4tbKlNDgVgm0fL12ppCY7AADucwJROS3wrvhYPNTjWqa3PKRwfbHlRux-r0IyQuPJzW2Q4KqBHu5ERQRquGhNOBlqkxkvN3k3dVm_b7F4kyFGuCnh_0KU__5ZcyePXdoTuqyBPbwnmWhrSsocUv6ZwxvFEaNlb6cd-fVMNFBU7ujCBsYGWVWxA3wtPtdERoKnOWGYsxwI4U1i7EtSpe6AvwZRXq6JkuOLjwj8c6U1B475sJ2Cl1uXst0oQvf4vj6zUTf4gpMX9OI5jwf1s22FxZdbbI1Ym51cUzn1Ik4cd_brwWaswzvAIVMwDgUszIJsyZKyQz5MxVhiMm0CmVXyOjeoB93BiD824lLETN3esS0m0jnMrLJVaTLwmT9UpO6y77l-Kr-Mo-vqrTSXLcdonvCsVvsCOu7zwmR3E8Ogn85A7gmmUyo22pWRsdR47ZkC_FSnc1pJbKXq2w2aNfotEilM-VamhXtxeZPZB_Ayl-lHsPouDSHZdL1xiu5qAlYuGE66pbTtluYmW7rmXViWMvrxOZrXyONrUxMX2CCGAcfNVGmJDlVV__H_tYMv8h6g8sOHYoQulufMvm_kK9XamXkqf56UrpEAtNe1Z9hB-gjvMu0fALRX-XDouOyrVaBdvL-Wmzuoe-OgWho3Usz7-KyCMgBIcZJjSS3c-wcWbgEHtUIegBKu1vLyesp4qjxvqaTYmurHFrqcxdnQ3oCh6d2kgxdAiJNi1ATU4BSzzsEkHutpw1dNxOc7Z3N2a2sez21GeInp1kI91RG8d23Qgl4Qq0x2KdPrzk-78Y7Jmc9M-vr4kyulKzlhjggt2I4DJhKHzRDCtddBIXua5FLSAeKq7uw0gs7Qm6w-YYn5MGJ0Bv0QPjg7d2Gr_MSrRDx5TcHJg_cWH2C_6_RwCJqhpEORdvIxbin2lCQQOeq2cxWlpejFLSJIAeMo_XkK_WyJOkDQaFICrKjysM08kfE2ZvKrxTct9mB2icBD8HkxBeW9WCHqtc4_wlXWKtKIudS1GVa5N05t9KmsHl9un2O1YMQo0BtgZ7BgnzuSKzbZikT4GRyn_Ot6GKbHDwQHypUhILFHoNcexOlmpB7nxbe_pPZ3k11pO_je1oOhLKMU8btiDxdYKe77tlep9F3rjbDb0pBSTdyMswBB1ZGb0KnMqEELzlfb4vyqmBVn6jfOMZoRw1dukRxoAof-THeaAZYLmJIrJ3IAssHx9TkmsF7zW1THxT3_ZJpXrSJNcSVt1L2y4XUnee1ernco5kY8GKBq4aOy19xV-TcrhLQazGztGJWgdKRj2sERpF-fr2fuO3zNSf4Ah75yRwpdDrY0v7yx6uVnBZHc4RhBf5A60_f3G__LBamFbdYmfjdNrqGkbSMIiuD37v21kw8cHX8K1gkuch2vFisN4AcwKnrC3-MxI0KoOXbIlSDBTxPdB4V-0RgYlZTI1T2DWca2l9h3mfJsN5MXRAEuN6XXW_2bDb84xS0pVH558uF7wd3Zswp08ktsIrSYejonK--elnHwfEqlrHT9HBarNcqJoip3V6RH2eGvGZBaCHIFFISgfONJYQ_L66TloMABHA_4Jv_R8WkFb5MBCGCUypDs6nzeN--BMam65uydqlCPxzJ_lyg66QNZZhZEyFSfjyzjlSgpuodn_YeSt-ni439bPOgz-LcSJTsG8qvbZToYaSyAhGyX2WzlzyWBFc1e7IAYiaMJ4mxQo4-lsetGuDHfCq9faSzFw56HI9p26H_mp689xqCzJLzDVd4F4l212OKvT-vfBK1BD1IlJXLXf9Id-4xtxFZjuWU6EQsFqD4Jb2nGbJsloiw2IpoRpY8fAHQAhbmqeRgCegNyNgIothNmFEU8IBTYKif8nJRae-B4j_JliYxKzqnAOHR3_wrUfxWuWSezL_6yY6gCYuNDytIelwZmNbxopWPz1ZyMgrJsg8n4YVbkEw9QnW-zJaq6nlMrbi6yw2VpKbmk-ToTYahoW2lop3iib5ZE048YgK00J_j4i5UwSGnDKc-SCGdYXj8Ij7015cQExh45iljf4WzaViKqWxpVmH0Tw2djAp-tpagiaFEWDkJQNiMDWljNp13i2ht3h6sdqtL2BYXBmK58PHMYnlM3pRhbLNIS8JJaG-OmXP_OnL_Xy6BQOI1pHOytC37jVj5PrKdNAtEJf5JRi8taIOKAlvKtDGqBu79_SlD9FKwKu2E1QIU24VGbcLrlOpXUDd&cid=CAQSOwDq26N9ZY-4HtrTq9eNSCw9ylA1jkIl1cUCKTrhnRQxbD37Abq9vx3umWzna3ZWsyYa9-N2YPbxXfHUGAEgDg&rfl=1%2Chttps%253A%252F%252Fwww.capital.ua%252F%240

Requested by

Host: www.capital.ua
URL: https://www.capital.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

209300f84ce14ba04694409d36cd5677acc3c8c452c9e7f3fb787cdd5a6a7688

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11216
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame BBE2 42 B
269 B 81ms
78ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Af0_hpQpu01mzEw0AWTUVA94rzSRRApSAXS0C7UAvLfyHycPZNIbPcMPjciO8ftYm0B7RR6fRnwKjiB5cE7ddar5BfvhcD9cu34gLRR-xafin0-OM

Requested by

Host: 1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com
URL: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame BBE2 2 KB
1 KB 162ms
40ms Script
application/javascript 2a02:26f0:3500:58b::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=25694704&cmp=28470308&plc=345047869&sid=7857561&dvregion=0&unit=300x250
Requested by: Host: 1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com
URL: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58b::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: b42f035c593881359488262fdaf928acd4b9e6129051810120cc361c2a9688dd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 19 Oct 2022 08:23:40 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Aug 2022 13:19:47 GMT
Server: Microsoft-IIS/10.0
ETag: "f128ce2aabbd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1170

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame BBE2 47 KB
13 KB 198ms
75ms Script
application/javascript 52.208.57.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10933&advId=1008913484&campId=18285790766&pubId=1&chanId=0&placementId=447380593&dealId=549644393847897261&adsafe_par&impId=ABAjH0jMItkjj7ZBnkybMuoWA3Li&bidurl=https://www.capital.ua/
Requested by: Host: 1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com
URL: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.57.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-57-60.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 5baeb0ba58b9753072a4ab406a67e1c03a32b90699e831f3fa3baf959d82e591

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:40 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame BBE2
Redirect Chain

https://secure.adnxs.com/seg?add=31654010%2C31654010&t=2
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31654010%252C31654010%26t%3D2

43 B
1 KB

36ms
35ms

Image
image/gif

185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31654010%252C31654010%26t%3D2

Requested by

Host: 1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com
URL: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 Oct 2022 08:23:40 GMT
AN-X-Request-Uuid: fd2d0805-dd1a-4cae-8ba7-1a5dbe8dbf28
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.99; 217.138.196.99; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 19 Oct 2022 08:23:40 GMT
AN-X-Request-Uuid: 9548c26f-d2cd-4c7a-b9c5-a17098d728f6
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31654010%252C31654010%26t%3D2
Connection: keep-alive
X-Proxy-Origin: 217.138.196.99; 217.138.196.99; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame BBE2 3 KB
1 KB 174ms
52ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/window_focus_fy2021.js

Requested by

Host: 1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com
URL: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 07:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1761
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Nov 2022 07:54:19 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame BBE2 17 KB
8 KB 163ms
41ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com
URL: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 23:21:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32522
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 23:21:38 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame BBE2 0
0 159ms
51ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT9eFj5065p_MqehL1RrQysCR4clPw51BVprG6iBxM0JCUVgf_2Jo5o09l-570U2sB-JgqMzuf7SABBMjcR7LrQHb5krQ
Requested by: Host: 1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com
URL: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BBE2 152 KB
46 KB 187ms
91ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com
URL: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:23:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 19 Oct 2022 08:23:40 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3F16 624 B
297 B 141ms
53ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCA3fC1Axjx-KnVATAB&v=APEucNWM9m7KrOwdpZJ-gELL2bu8KTdgEIIfhqEIK_7fv9lsr8OHUz2QK4G8OcHqdXnxGKGHkjxl6yLNVwjbOfbjOBj0TYQ2KguSLwO0bp_gLWGD5trw60NfemSpm2Zs8Pv6JUtVgiuRR16oNev-7xszkiem9h-cW0bws6il6A_lqk19lUw7SIU

Requested by

Host: 1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com
URL: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 08:23:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F57C 15 KB
11 KB 167ms
81ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AevXXT9mcFSk37xvkhh9xNv1MYB9aFk6qTGBgXBF8hWZ2gAnM_Zm0IzVrhvVVMFnBHBXdvbwrVfdMPy6sQN2MwlgRQPbl4ems-lPGUmdW0Fdgwh4dXtTW946EpRTyuuHu6nBup282EA_g_TUbQtuBOTRHUgVQaA055Z_o62BFOTmnAIoU&cry=1&dbm_d=AKAmf-CoAqvShlwLV0Onr6W9cX0vosXNz55ecAdz0JOkQxUSAQn4udbTMYzXhMuLcGBKQnkI7s93uTT_MTYO6SfWMNNxpASDNCxM_HUtegHvDq7mJ1oXkJxmV3eZjG64O5JDjjKuyZ2LVyEbgy5g3o0HkE1Cz-bXYvyWpQ7pTH2oy0nzWYQJy6mTTbdZx1PxSFh5cPq4Gk--amUsm12bfzwtNYFDyUy9LC_o98yuPKJDx4oISYn2wG_W2SPnASKPZQW3tHo5PfvO-VTUbg0eqNIbAR_e6j77ktnQ19txbEOGL7HFdF_HLO-AJaSMUVBBdBB_Bp9risPf7GisrKTKXMzR3C48CINLv_kCLoHLVA1aJCG5rNWL-T76cwFwcBMsFvFkki0NXv3bYH6wwPEAtBzrEPxInDfS6i_n3CwMnxiCYGJ_jZEELKaBJSyn7ROk00eM976V81H6Ie1wdAimEFwd8ApPkYK-X98BcK5aQ_jHYidfOFgT-OAlxdc9KlQEeD0V006iPywKUbswzT04siITqgP6RHPWcbFL0HG8H9mt58UKLwwfvTQltQmKZJmyOgALptJCo1pMQR3gciekjo35Im_BtKtidXbC9jxEyT0mRBqK0PWJ50okXRFJs6eEkXh1bkuOavSgeKaES73PcqXLylPKY6lUkP4qbxJu3J0sIbE59Z8MaW2qmAF9GBxF99k6s_ZIJ-IvFkmYd13EJX9MKvVjFDMUcr_9jD-LMQt6zRiZjKzY0zUhVhOrwEPOhh2Gc48634S86wtgZ8G9z7HjlBQGSafFF2a8Irc3Jw1lraDw2m5jaiIqwvLLN7epzsha95MIjbqmxHSguTH7Va7fo9lsVc1IlnELVFsuShuQQiwVsc9WwtSp3HH9EjnMRsPAiA1bUG5EZ9sNSmoeHv3ajHopB8XeFvlo3X8uWZDFi_11tb0VoFSYh5VizMRbSMo5p1rPLpy1tNdkNUnIvzgnMcX_W-YGBMLhvwtCpmY0Gh1dR75eyH-eOJCQBBTsOqI4qImezaZ-ZH12BewDv7fl9oPr3oGkBBhOvJwIWhMpKXp8RIEcCTiXKBG7mjKGaVxVxDvH8sW_mIxBYPoJx7_7N0WseJ-ZCpLE72wT47mS5Ht5yj9mMBfCUMSL0tUBM7QqG3WNFQ4U36m1GsH-Zo3gZVJjFH_cDZveHiJH0ynH01H59vmei9FR0upSpZj6mShj4W10CuxZx58i739VCXvKZm5zAeWy3nCwtW6kxf8W8NVtLPdrH4EAci7O0k448gwPZHB5w-6R4ivON5HPvoSo0Fz4ifgkOupXUcMhqU10E265ZG7JMYUiUY9ebsYsXaCetbuRezyEYHInCcXFe0tvTCs52pkcnV3qID6aLPFr7SGC2jQDrpi7Ec75LKiINMy9LtHGn-zhIPD7gwAvf2vyXdN17-OqhDcPjwf7VX0XGtVjUKDbTqzR2CTpmbw9tOkaV_DUWFyjwY-MN9iR9e751boHU00dUb1OIE_bOlmI8vJMZ0z9zKtvNbtAtkdrVdjIb1c5kH-9c6lpciTLUUcnJsrQlSC2ttdsDvqT3x3KGZkWuZ4PU8fGCrLd6WqkgK4LSNlekK0qRRZOwbOWPlY_FwQYRntiV5XA1MDIelg9F0k5eyyel_CJgoBIFLodLzsY3yD4kuj0fyuYhlUFzW37Xil8MJHcLmwKkK1ollqQpoE9iMbuWTUE-LoJGwIGt1G0DXAJTvIbYokGjWiOzge6qLoZ_XMiv01FI3LzthbJ1YGJyKxTGpAHMO3KV-VIebf5FgvmBqBOnLOVWQQYF7hJXwUmqnad01dbnff76pGegoxp4NZfbmOac8D2W08FBu9w2Kw6sAxM5svgBtxlRG0JRJw0MG0ghD1-vNJ7-D6DCB7VSXSn6J3aczVN5rvaydb7hUZ7xxTi3UNlzyygvGxvLzb8tuSeRAEpzoDj4TyIS4AvTooI_aCeXt6B02aYgK8Jd_SFfU-53VbS2QkMFWtVyF7qsk1oU3moHH_iWuRFuqZduoIH41F_xXgfLZqSoosjy8_RLGXbofLrSxhqZFLrA7zrJfPoY7qbo0rAPv5RZEsW_d_OS_ZKMXmU4iirxsW0BnwyZig3uNk9okyO-tLTB8yAmhr7KO1-55G3KwbKNg9flrvrx4BSuQxdmwmE58Qh__cLXzhmAp_iXT6aLdmmy91VCRbuslovTcYjPdmjMuey2hElWIMUUW37bz1GpPagdQW7cyVviK29jRez7v3iMJSOY7CqSXJJD1CjaE4IY44PSdH5NsPMXHsaRzk7phufUY0ucmgFmEvia0iMacpX1UyMbHUcyJyn97w1RguAD0GWycocjgztzY4p5m-SfU9YUh9PXnaib7KbjzO8o2P9jidku_TJJMziNPAz4l7e0tzJS2FGD4NdkrXWZcrr-lnjsr3XrT_Kt3x7JYWaXu_L1KVdQ8hkZ8CrjJe9uL_IMBsiqsF85vlamATF6o-C0MIqshPUhRML-DQf5rbjqW5inm6VpbbJs8bYpTA0M1UdmoNvkRQG2jDc0mpWuuVW0sfHaCrNtzHS_L5zoWrEG-SPaDJ0XMp3zejewgWQW1MQKPdifCrfMFAUmQ5YdXkKp5YTZBqfUW50UPWX14-j9tXmPhmIHbsPV30kv8vsxexgZJa_Uvmm4doZDbX7NIX00iT7AFf-daQ1ow0jNSIfZFjPgRlXP2v8X9LBNWPpY8W3CdtapBrYYrhEXsqiZek0wzG9mnb8NgvewTF84T3bWsmpcYhmp6t6tl4dhkXMzbIk_WJhedqUfH1JE7UqYBSPGRpekXwqA-rUi0RFe9CpHFEvqnpOt8D-nPs-eXXNMvrCE4O8EO6m8V-HYWwanFI8WDoiwp9-0-M0ooJutrX6m0mH9mPcJg7X8dfLX3NyibVL2QWzJu6piO3F_cFk8C47AfOhI9jSf5tOUyAfx4J_fkfiZXEweP54EuAhA2mI5KGn22K_CQD5gs2PKSWY8aEsM8haYSI4n3V97a9vnkCY9eQJeFqXYH-AFttZbBHxYoO7fnp_MJR53vP7fGVNwI6idaHfp3eLQBObR-5Rma2oU8SqXsqTNFI-YDB6tmDJSUdy62_Lp5T4uuCPlFX2f7iuSlYSPD_7HDo1IbqYZzA096furWSzu-UqgqULQGf1bzNulnZ10xXonymWk8FFzLcDO8EZAwX_vj0-qCSD8C5mgPeEF2SljMQlCsQY2FKLq7rdUt_c7uggwIaWOBWt41AdqP93ZiQiMF41VgCcNia6NBAJJg7xxk8tbZgaFOQAfIAXJiUfmtPB2cE&cid=CAQSOwDq26N9ZY-4HtrTq9eNSCw9ylA1jkIl1cUCKTrhnRQxbD37Abq9vx3umWzna3ZWsyYa9-N2YPbxXfHUGAEgDg&rfl=1%2Chttps%253A%252F%252Fwww.capital.ua%252F%240

Requested by

Host: www.capital.ua
URL: https://www.capital.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

281ce98b441f1e5d717feb1eaf58d39a77f64886e9a8203dba1e21e05ffb0b06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11426
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F57C 42 B
107 B 80ms
78ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CiH_ZBSMzETmefxQl6OfP92uLnm0CSpW1K4hiaAH-JXTbdXBq2mm0SoJ1Q6DGjnxO2mFU9suLRHb44yvUfOOvwAkYAKOSdsel9NqDpUPMz8Icd8lM

Requested by

Host: 1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com
URL: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame F57C 2 KB
1 KB 158ms
40ms Script
application/javascript 2a02:26f0:3500:58b::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=25694704&cmp=28470308&plc=345047869&sid=7857561&dvregion=0&unit=300x250
Requested by: Host: 1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com
URL: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58b::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: b42f035c593881359488262fdaf928acd4b9e6129051810120cc361c2a9688dd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 19 Oct 2022 08:23:40 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Aug 2022 13:19:47 GMT
Server: Microsoft-IIS/10.0
ETag: "f128ce2aabbd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1170

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame F57C 47 KB
13 KB 158ms
40ms Script
application/javascript 52.208.57.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10933&advId=1008913484&campId=18285790766&pubId=1&chanId=0&placementId=447380593&dealId=549644393847897261&adsafe_par&impId=ABAjH0jJMtrWnFIQmiBMB7XQXW8F&bidurl=https://www.capital.ua/
Requested by: Host: 1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com
URL: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.57.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-57-60.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: cb60fce33ad955171d1fa963d4aa2231a11846a4a4660f7c518f7799d92ff723

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:40 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame F57C
Redirect Chain

https://secure.adnxs.com/seg?add=31654010%2C31654010&t=2
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31654010%252C31654010%26t%3D2

43 B
1 KB

36ms
36ms

Image
image/gif

185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31654010%252C31654010%26t%3D2

Requested by

Host: 1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com
URL: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 Oct 2022 08:23:40 GMT
AN-X-Request-Uuid: a11126ce-8f07-4ec0-a8dd-e95d60b66d3f
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.99; 217.138.196.99; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 19 Oct 2022 08:23:40 GMT
AN-X-Request-Uuid: bd28ae33-39ca-4eb8-a6c7-f6bcdbd85a50
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31654010%252C31654010%26t%3D2
Connection: keep-alive
X-Proxy-Origin: 217.138.196.99; 217.138.196.99; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame F57C 3 KB
1 KB 170ms
52ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/window_focus_fy2021.js

Requested by

Host: 1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com
URL: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 07:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1761
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Nov 2022 07:54:19 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame F57C 17 KB
7 KB 162ms
45ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com
URL: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 23:21:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32522
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 23:21:38 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F57C 0
0 153ms
50ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR98Ve_D8Nc_1MaBRQrAD_nlE_ISa07-nBHTa2JUWPbovgkwVJjkr-UyYnaFngqUG_WsRJQJH3HlC-QvQzrnvB7_2313w
Requested by: Host: 1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com
URL: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F57C 152 KB
46 KB 155ms
65ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com
URL: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:23:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 19 Oct 2022 08:23:40 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 117ms
116ms Image
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=aY8v7MplSr47tmacwqm_6l&lm=0&ts=1666167819301&dn=TI&iso=0
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Wed, 19 Oct 2022 08:23:40 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 118ms
117ms Image
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=aY8v7MplSr47tmacwqm_6l&lm=0&ts=1666167819301&dn=TI&iso=0
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Wed, 19 Oct 2022 08:23:40 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5D67
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRkCOVyrj9nIH9pBXquPDo&google_cver=1

43 B
766 B

78ms
39ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRkCOVyrj9nIH9pBXquPDo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCA3fC1Axjx-KnVATAB&v=APEucNUJhiLTPIqJGJN-0g8oZFfiFyKQK2PVLiAOfOnD8xebdRmPfXpfhI_KattNkoh1CKOlGbgVlS5o9l59UfVAJOlFzuSWBA24C3VNXDhimkEiwgANY7IY93fGOt9yB2DtpifPfEdQnZHHdd0E9dCFRmPMZbNiDCXVY-U9VY_8j9hDoBGCi4Q
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 Oct 2022 08:23:40 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRkCOVyrj9nIH9pBXquPDo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5D67
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y0.0DMsXXDxYwh0x9VY2sgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRkCOVyrj9nIH9pBXquPDo&google_cver=1&google_hm=2

43 B
894 B

40ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRkCOVyrj9nIH9pBXquPDo&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCA3fC1Axjx-KnVATAB&v=APEucNUJhiLTPIqJGJN-0g8oZFfiFyKQK2PVLiAOfOnD8xebdRmPfXpfhI_KattNkoh1CKOlGbgVlS5o9l59UfVAJOlFzuSWBA24C3VNXDhimkEiwgANY7IY93fGOt9yB2DtpifPfEdQnZHHdd0E9dCFRmPMZbNiDCXVY-U9VY_8j9hDoBGCi4Q
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 Oct 2022 08:23:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRkCOVyrj9nIH9pBXquPDo&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 5D67
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEG5iFrKH4qSNxYIW0uh6e-s&google_cver=1

43 B
1018 B

40ms
35ms

Image
image/gif

185.83.142.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEG5iFrKH4qSNxYIW0uh6e-s&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCA3fC1Axjx-KnVATAB&v=APEucNUJhiLTPIqJGJN-0g8oZFfiFyKQK2PVLiAOfOnD8xebdRmPfXpfhI_KattNkoh1CKOlGbgVlS5o9l59UfVAJOlFzuSWBA24C3VNXDhimkEiwgANY7IY93fGOt9yB2DtpifPfEdQnZHHdd0E9dCFRmPMZbNiDCXVY-U9VY_8j9hDoBGCi4Q

Protocol

HTTP/1.1

Server

185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 Oct 2022 08:23:40 GMT
AN-X-Request-Uuid: ee2961d6-60a0-4118-85e6-ebab98d8411a
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.99; 217.138.196.99; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEG5iFrKH4qSNxYIW0uh6e-s&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5D67
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTAyNjM2MDc5NzA3MTM2MDc3Ng%3D%3D

170 B
232 B

59ms
59ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTAyNjM2MDc5NzA3MTM2MDc3Ng%3D%3D

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 19 Oct 2022 08:23:40 GMT
AN-X-Request-Uuid: 8b64263d-6e8a-4e1c-b7a6-a93cc66f6b40
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTAyNjM2MDc5NzA3MTM2MDc3Ng%3D%3D
Connection: keep-alive
X-Proxy-Origin: 217.138.196.99; 217.138.196.99; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3F16
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRkCOVyrj9nIH9pBXquPDo&google_cver=1

43 B
766 B

77ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRkCOVyrj9nIH9pBXquPDo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCA3fC1Axjx-KnVATAB&v=APEucNWM9m7KrOwdpZJ-gELL2bu8KTdgEIIfhqEIK_7fv9lsr8OHUz2QK4G8OcHqdXnxGKGHkjxl6yLNVwjbOfbjOBj0TYQ2KguSLwO0bp_gLWGD5trw60NfemSpm2Zs8Pv6JUtVgiuRR16oNev-7xszkiem9h-cW0bws6il6A_lqk19lUw7SIU
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 Oct 2022 08:23:40 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRkCOVyrj9nIH9pBXquPDo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3F16
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y0.0DMsXXDxYwh0x9VY2sgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRkCOVyrj9nIH9pBXquPDo&google_cver=1&google_hm=2

43 B
766 B

39ms
39ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRkCOVyrj9nIH9pBXquPDo&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCA3fC1Axjx-KnVATAB&v=APEucNWM9m7KrOwdpZJ-gELL2bu8KTdgEIIfhqEIK_7fv9lsr8OHUz2QK4G8OcHqdXnxGKGHkjxl6yLNVwjbOfbjOBj0TYQ2KguSLwO0bp_gLWGD5trw60NfemSpm2Zs8Pv6JUtVgiuRR16oNev-7xszkiem9h-cW0bws6il6A_lqk19lUw7SIU
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 Oct 2022 08:23:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRkCOVyrj9nIH9pBXquPDo&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 3F16
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEG5iFrKH4qSNxYIW0uh6e-s&google_cver=1

43 B
1018 B

35ms
34ms

Image
image/gif

185.83.142.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEG5iFrKH4qSNxYIW0uh6e-s&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCA3fC1Axjx-KnVATAB&v=APEucNWM9m7KrOwdpZJ-gELL2bu8KTdgEIIfhqEIK_7fv9lsr8OHUz2QK4G8OcHqdXnxGKGHkjxl6yLNVwjbOfbjOBj0TYQ2KguSLwO0bp_gLWGD5trw60NfemSpm2Zs8Pv6JUtVgiuRR16oNev-7xszkiem9h-cW0bws6il6A_lqk19lUw7SIU

Protocol

HTTP/1.1

Server

185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 Oct 2022 08:23:40 GMT
AN-X-Request-Uuid: 34f66924-4491-4d8c-a442-7dfd600c0a5a
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.99; 217.138.196.99; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEG5iFrKH4qSNxYIW0uh6e-s&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3F16
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTAyNjM2MDc5NzA3MTM2MDc3Ng%3D%3D

170 B
243 B

52ms
52ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTAyNjM2MDc5NzA3MTM2MDc3Ng%3D%3D

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 19 Oct 2022 08:23:40 GMT
AN-X-Request-Uuid: ae3b059f-cd26-4637-a6b2-4a372e56a73d
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTAyNjM2MDc5NzA3MTM2MDc3Ng%3D%3D
Connection: keep-alive
X-Proxy-Origin: 217.138.196.99; 217.138.196.99; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F57C 41 KB
15 KB 126ms
44ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AevXXT9mcFSk37xvkhh9xNv1MYB9aFk6qTGBgXBF8hWZ2gAnM_Zm0IzVrhvVVMFnBHBXdvbwrVfdMPy6sQN2MwlgRQPbl4ems-lPGUmdW0Fdgwh4dXtTW946EpRTyuuHu6nBup282EA_g_TUbQtuBOTRHUgVQaA055Z_o62BFOTmnAIoU&cry=1&dbm_d=AKAmf-CoAqvShlwLV0Onr6W9cX0vosXNz55ecAdz0JOkQxUSAQn4udbTMYzXhMuLcGBKQnkI7s93uTT_MTYO6SfWMNNxpASDNCxM_HUtegHvDq7mJ1oXkJxmV3eZjG64O5JDjjKuyZ2LVyEbgy5g3o0HkE1Cz-bXYvyWpQ7pTH2oy0nzWYQJy6mTTbdZx1PxSFh5cPq4Gk--amUsm12bfzwtNYFDyUy9LC_o98yuPKJDx4oISYn2wG_W2SPnASKPZQW3tHo5PfvO-VTUbg0eqNIbAR_e6j77ktnQ19txbEOGL7HFdF_HLO-AJaSMUVBBdBB_Bp9risPf7GisrKTKXMzR3C48CINLv_kCLoHLVA1aJCG5rNWL-T76cwFwcBMsFvFkki0NXv3bYH6wwPEAtBzrEPxInDfS6i_n3CwMnxiCYGJ_jZEELKaBJSyn7ROk00eM976V81H6Ie1wdAimEFwd8ApPkYK-X98BcK5aQ_jHYidfOFgT-OAlxdc9KlQEeD0V006iPywKUbswzT04siITqgP6RHPWcbFL0HG8H9mt58UKLwwfvTQltQmKZJmyOgALptJCo1pMQR3gciekjo35Im_BtKtidXbC9jxEyT0mRBqK0PWJ50okXRFJs6eEkXh1bkuOavSgeKaES73PcqXLylPKY6lUkP4qbxJu3J0sIbE59Z8MaW2qmAF9GBxF99k6s_ZIJ-IvFkmYd13EJX9MKvVjFDMUcr_9jD-LMQt6zRiZjKzY0zUhVhOrwEPOhh2Gc48634S86wtgZ8G9z7HjlBQGSafFF2a8Irc3Jw1lraDw2m5jaiIqwvLLN7epzsha95MIjbqmxHSguTH7Va7fo9lsVc1IlnELVFsuShuQQiwVsc9WwtSp3HH9EjnMRsPAiA1bUG5EZ9sNSmoeHv3ajHopB8XeFvlo3X8uWZDFi_11tb0VoFSYh5VizMRbSMo5p1rPLpy1tNdkNUnIvzgnMcX_W-YGBMLhvwtCpmY0Gh1dR75eyH-eOJCQBBTsOqI4qImezaZ-ZH12BewDv7fl9oPr3oGkBBhOvJwIWhMpKXp8RIEcCTiXKBG7mjKGaVxVxDvH8sW_mIxBYPoJx7_7N0WseJ-ZCpLE72wT47mS5Ht5yj9mMBfCUMSL0tUBM7QqG3WNFQ4U36m1GsH-Zo3gZVJjFH_cDZveHiJH0ynH01H59vmei9FR0upSpZj6mShj4W10CuxZx58i739VCXvKZm5zAeWy3nCwtW6kxf8W8NVtLPdrH4EAci7O0k448gwPZHB5w-6R4ivON5HPvoSo0Fz4ifgkOupXUcMhqU10E265ZG7JMYUiUY9ebsYsXaCetbuRezyEYHInCcXFe0tvTCs52pkcnV3qID6aLPFr7SGC2jQDrpi7Ec75LKiINMy9LtHGn-zhIPD7gwAvf2vyXdN17-OqhDcPjwf7VX0XGtVjUKDbTqzR2CTpmbw9tOkaV_DUWFyjwY-MN9iR9e751boHU00dUb1OIE_bOlmI8vJMZ0z9zKtvNbtAtkdrVdjIb1c5kH-9c6lpciTLUUcnJsrQlSC2ttdsDvqT3x3KGZkWuZ4PU8fGCrLd6WqkgK4LSNlekK0qRRZOwbOWPlY_FwQYRntiV5XA1MDIelg9F0k5eyyel_CJgoBIFLodLzsY3yD4kuj0fyuYhlUFzW37Xil8MJHcLmwKkK1ollqQpoE9iMbuWTUE-LoJGwIGt1G0DXAJTvIbYokGjWiOzge6qLoZ_XMiv01FI3LzthbJ1YGJyKxTGpAHMO3KV-VIebf5FgvmBqBOnLOVWQQYF7hJXwUmqnad01dbnff76pGegoxp4NZfbmOac8D2W08FBu9w2Kw6sAxM5svgBtxlRG0JRJw0MG0ghD1-vNJ7-D6DCB7VSXSn6J3aczVN5rvaydb7hUZ7xxTi3UNlzyygvGxvLzb8tuSeRAEpzoDj4TyIS4AvTooI_aCeXt6B02aYgK8Jd_SFfU-53VbS2QkMFWtVyF7qsk1oU3moHH_iWuRFuqZduoIH41F_xXgfLZqSoosjy8_RLGXbofLrSxhqZFLrA7zrJfPoY7qbo0rAPv5RZEsW_d_OS_ZKMXmU4iirxsW0BnwyZig3uNk9okyO-tLTB8yAmhr7KO1-55G3KwbKNg9flrvrx4BSuQxdmwmE58Qh__cLXzhmAp_iXT6aLdmmy91VCRbuslovTcYjPdmjMuey2hElWIMUUW37bz1GpPagdQW7cyVviK29jRez7v3iMJSOY7CqSXJJD1CjaE4IY44PSdH5NsPMXHsaRzk7phufUY0ucmgFmEvia0iMacpX1UyMbHUcyJyn97w1RguAD0GWycocjgztzY4p5m-SfU9YUh9PXnaib7KbjzO8o2P9jidku_TJJMziNPAz4l7e0tzJS2FGD4NdkrXWZcrr-lnjsr3XrT_Kt3x7JYWaXu_L1KVdQ8hkZ8CrjJe9uL_IMBsiqsF85vlamATF6o-C0MIqshPUhRML-DQf5rbjqW5inm6VpbbJs8bYpTA0M1UdmoNvkRQG2jDc0mpWuuVW0sfHaCrNtzHS_L5zoWrEG-SPaDJ0XMp3zejewgWQW1MQKPdifCrfMFAUmQ5YdXkKp5YTZBqfUW50UPWX14-j9tXmPhmIHbsPV30kv8vsxexgZJa_Uvmm4doZDbX7NIX00iT7AFf-daQ1ow0jNSIfZFjPgRlXP2v8X9LBNWPpY8W3CdtapBrYYrhEXsqiZek0wzG9mnb8NgvewTF84T3bWsmpcYhmp6t6tl4dhkXMzbIk_WJhedqUfH1JE7UqYBSPGRpekXwqA-rUi0RFe9CpHFEvqnpOt8D-nPs-eXXNMvrCE4O8EO6m8V-HYWwanFI8WDoiwp9-0-M0ooJutrX6m0mH9mPcJg7X8dfLX3NyibVL2QWzJu6piO3F_cFk8C47AfOhI9jSf5tOUyAfx4J_fkfiZXEweP54EuAhA2mI5KGn22K_CQD5gs2PKSWY8aEsM8haYSI4n3V97a9vnkCY9eQJeFqXYH-AFttZbBHxYoO7fnp_MJR53vP7fGVNwI6idaHfp3eLQBObR-5Rma2oU8SqXsqTNFI-YDB6tmDJSUdy62_Lp5T4uuCPlFX2f7iuSlYSPD_7HDo1IbqYZzA096furWSzu-UqgqULQGf1bzNulnZ10xXonymWk8FFzLcDO8EZAwX_vj0-qCSD8C5mgPeEF2SljMQlCsQY2FKLq7rdUt_c7uggwIaWOBWt41AdqP93ZiQiMF41VgCcNia6NBAJJg7xxk8tbZgaFOQAfIAXJiUfmtPB2cE&cid=CAQSOwDq26N9ZY-4HtrTq9eNSCw9ylA1jkIl1cUCKTrhnRQxbD37Abq9vx3umWzna3ZWsyYa9-N2YPbxXfHUGAEgDg&rfl=1%2Chttps%253A%252F%252Fwww.capital.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 17:48:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52532
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Oct 2023 17:48:08 GMT

GET
H/1.1 200
OK dvbs_src_internal109.js Show response
cdn.doubleverify.com/ Frame F57C 59 KB
19 KB 44ms
43ms Script
application/javascript 2a02:26f0:3500:58b::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal109.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=25694704&cmp=28470308&plc=345047869&sid=7857561&dvregion=0&unit=300x250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58b::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e9881b639c7528a358803222a3d5b1ea1fae69ede0ad9ee2e363be38a2712302

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 19 Oct 2022 08:23:40 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Aug 2022 13:20:14 GMT
Server: Microsoft-IIS/10.0
ETag: "03bb312aabbd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19455

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame BBE2 41 KB
15 KB 122ms
42ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D26nD0la-TK-eRre9_BzldbMvHGNifuy9y0GHQzgifYg0zXu7KCXRbbSaMyd11YHuQBloVdREf43BE3NHiaq9bLlFy3fj8JZ4NYK6BaOuup91v36ukc0uIqsaxwwTarj6I5UB6J1cT2SR_7fD4UKUja9lwssyBlbJyRbZ1RbZu0vB2kE4&cry=1&dbm_d=AKAmf-BHTdzULpjssR3T9PYXcBpxmSLo20DPtpH3Imgh-EL2L0i1A68fgOOXwXfR8PGWZlRxQunlCUyyYVa-QKSFg_wy-UIok9JhZ-KHzA2EWv0r8y7y0G82zHWNL1lE2-kaCXjmvVFrSA5Pssk6pku2mNsmGA4E9LN9KA898EfV7QmD4mWE4caAFonoyPnxBjUk4hSZSw5XMTFncFIZu8VhaOQ9dh6n-5PVjofV_5o3aGvoYsBD57n_xAjQAs-y4wkMoMMCwGBoxZjor9gIkykvVmOEcM1gz_suZXjwc7jHKwRDLA2E7ugOk2dzyt0KGkE7xU9HzTMR9LcsxT0bfUaP-z59wLIijR9tVsQV4MNvXpLgphRe1bW-CmMoG7kra4asZbcWJR8Rl9pnKlofgyrl4Mn4p-ycUziX8CkCRWKW6eU962wS_SU-F4s6V_itSM2XH9-JYm7ZaXmWbWYRsZ-d636ne38LPgdLee9jIl7R7ZMOS2F7PnsFpzC-cQrz3_t1w_SG0URM8VL1YJIHELJq0IQCL2kIjnLle7p1SsagiofxhqNlwb1bGaUGthj1E6nGsQEeEvI-IqJFW-Rjs12ieyStQv3e2ldVsa0HV4A4BYZnw4n56i6u2wtqfn61Joq0ES9tCdutmrvFpHt2va6XNgmglAzS0LCifNwMMQw9wHgnaeP3YNoe3KWIuvm8x4uacT72_Kq1hHKVl2qaxPNmlw8wknh-01tYQIrRbSQdR5t93VlldAJHTitwP9g6vr2HZT2GXi9yYSTZ4PI09Ir-CKQJ7tZGS4Ac3ra3SLot52XSLObX0ANXgH9BGY2N0DtWhxTQ2MMA7O0ETSbXmYfNUe7AGsoXW-YI89TjsahVrabU3SiO1SYJtMV0xf_R1Rx1QK4sxtebtM0FCIfsEDGLkaiccGO3FOoCa9TpDMoNtoKoOjEuUlp_N5Hq5e1jHvkbVN2svKrZbAzhFy_O3Y64_APYIACcpkdpQBSZm3bWStsWUvrf5Vz4LOdHkn9o-S2OIw9Z03Ct0Y5QZ-z5UCyl2YQoRqS96c29OKMoUUn1Z0WVEU8CqHXbdYm_TuTGcO8ueLtpnBZzu4tbKlNDgVgm0fL12ppCY7AADucwJROS3wrvhYPNTjWqa3PKRwfbHlRux-r0IyQuPJzW2Q4KqBHu5ERQRquGhNOBlqkxkvN3k3dVm_b7F4kyFGuCnh_0KU__5ZcyePXdoTuqyBPbwnmWhrSsocUv6ZwxvFEaNlb6cd-fVMNFBU7ujCBsYGWVWxA3wtPtdERoKnOWGYsxwI4U1i7EtSpe6AvwZRXq6JkuOLjwj8c6U1B475sJ2Cl1uXst0oQvf4vj6zUTf4gpMX9OI5jwf1s22FxZdbbI1Ym51cUzn1Ik4cd_brwWaswzvAIVMwDgUszIJsyZKyQz5MxVhiMm0CmVXyOjeoB93BiD824lLETN3esS0m0jnMrLJVaTLwmT9UpO6y77l-Kr-Mo-vqrTSXLcdonvCsVvsCOu7zwmR3E8Ogn85A7gmmUyo22pWRsdR47ZkC_FSnc1pJbKXq2w2aNfotEilM-VamhXtxeZPZB_Ayl-lHsPouDSHZdL1xiu5qAlYuGE66pbTtluYmW7rmXViWMvrxOZrXyONrUxMX2CCGAcfNVGmJDlVV__H_tYMv8h6g8sOHYoQulufMvm_kK9XamXkqf56UrpEAtNe1Z9hB-gjvMu0fALRX-XDouOyrVaBdvL-Wmzuoe-OgWho3Usz7-KyCMgBIcZJjSS3c-wcWbgEHtUIegBKu1vLyesp4qjxvqaTYmurHFrqcxdnQ3oCh6d2kgxdAiJNi1ATU4BSzzsEkHutpw1dNxOc7Z3N2a2sez21GeInp1kI91RG8d23Qgl4Qq0x2KdPrzk-78Y7Jmc9M-vr4kyulKzlhjggt2I4DJhKHzRDCtddBIXua5FLSAeKq7uw0gs7Qm6w-YYn5MGJ0Bv0QPjg7d2Gr_MSrRDx5TcHJg_cWH2C_6_RwCJqhpEORdvIxbin2lCQQOeq2cxWlpejFLSJIAeMo_XkK_WyJOkDQaFICrKjysM08kfE2ZvKrxTct9mB2icBD8HkxBeW9WCHqtc4_wlXWKtKIudS1GVa5N05t9KmsHl9un2O1YMQo0BtgZ7BgnzuSKzbZikT4GRyn_Ot6GKbHDwQHypUhILFHoNcexOlmpB7nxbe_pPZ3k11pO_je1oOhLKMU8btiDxdYKe77tlep9F3rjbDb0pBSTdyMswBB1ZGb0KnMqEELzlfb4vyqmBVn6jfOMZoRw1dukRxoAof-THeaAZYLmJIrJ3IAssHx9TkmsF7zW1THxT3_ZJpXrSJNcSVt1L2y4XUnee1ernco5kY8GKBq4aOy19xV-TcrhLQazGztGJWgdKRj2sERpF-fr2fuO3zNSf4Ah75yRwpdDrY0v7yx6uVnBZHc4RhBf5A60_f3G__LBamFbdYmfjdNrqGkbSMIiuD37v21kw8cHX8K1gkuch2vFisN4AcwKnrC3-MxI0KoOXbIlSDBTxPdB4V-0RgYlZTI1T2DWca2l9h3mfJsN5MXRAEuN6XXW_2bDb84xS0pVH558uF7wd3Zswp08ktsIrSYejonK--elnHwfEqlrHT9HBarNcqJoip3V6RH2eGvGZBaCHIFFISgfONJYQ_L66TloMABHA_4Jv_R8WkFb5MBCGCUypDs6nzeN--BMam65uydqlCPxzJ_lyg66QNZZhZEyFSfjyzjlSgpuodn_YeSt-ni439bPOgz-LcSJTsG8qvbZToYaSyAhGyX2WzlzyWBFc1e7IAYiaMJ4mxQo4-lsetGuDHfCq9faSzFw56HI9p26H_mp689xqCzJLzDVd4F4l212OKvT-vfBK1BD1IlJXLXf9Id-4xtxFZjuWU6EQsFqD4Jb2nGbJsloiw2IpoRpY8fAHQAhbmqeRgCegNyNgIothNmFEU8IBTYKif8nJRae-B4j_JliYxKzqnAOHR3_wrUfxWuWSezL_6yY6gCYuNDytIelwZmNbxopWPz1ZyMgrJsg8n4YVbkEw9QnW-zJaq6nlMrbi6yw2VpKbmk-ToTYahoW2lop3iib5ZE048YgK00J_j4i5UwSGnDKc-SCGdYXj8Ij7015cQExh45iljf4WzaViKqWxpVmH0Tw2djAp-tpagiaFEWDkJQNiMDWljNp13i2ht3h6sdqtL2BYXBmK58PHMYnlM3pRhbLNIS8JJaG-OmXP_OnL_Xy6BQOI1pHOytC37jVj5PrKdNAtEJf5JRi8taIOKAlvKtDGqBu79_SlD9FKwKu2E1QIU24VGbcLrlOpXUDd&cid=CAQSOwDq26N9ZY-4HtrTq9eNSCw9ylA1jkIl1cUCKTrhnRQxbD37Abq9vx3umWzna3ZWsyYa9-N2YPbxXfHUGAEgDg&rfl=1%2Chttps%253A%252F%252Fwww.capital.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 17:48:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52532
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Oct 2023 17:48:08 GMT

GET
H/1.1 200
OK dvbs_src_internal109.js Show response
cdn.doubleverify.com/ Frame BBE2 59 KB
19 KB 43ms
43ms Script
application/javascript 2a02:26f0:3500:58b::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal109.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=25694704&cmp=28470308&plc=345047869&sid=7857561&dvregion=0&unit=300x250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58b::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e9881b639c7528a358803222a3d5b1ea1fae69ede0ad9ee2e363be38a2712302

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 19 Oct 2022 08:23:40 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Aug 2022 13:20:14 GMT
Server: Microsoft-IIS/10.0
ETag: "03bb312aabbd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19455

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame F57C 656 B
672 B 213ms
48ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_605876712186&jsTagObjCallback=__tagObject_callback_605876712186&num=6&ctx=25694704&cmp=28470308&plc=345047869&sid=7857561&advid=&adsrv=&unit=300x250&isdvvid=&uid=605876712186&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.20&dvpx_strhd=0.20&brid=3&brver=99&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&m1=13&noc=4&fcifrms=10&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=157&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D42A%3AE2%3D%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D42A%3AE2%3D%5DF2Tar9EEADTbpTauTau%602dc22f63e3d3a262cg_2%60%603_bc%60%60fhe%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=4.80&callbackName=__verify_callback_605876712186
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal109.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: b609d03e5eb0262f81d13db10ab37f2e0890e06f225f485aebe1efa33ec4c9e2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 Oct 2022 08:23:40 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: close
Expires: 10/18/2022 08:23:40

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame BBE2 656 B
669 B 209ms
47ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_921254442146&jsTagObjCallback=__tagObject_callback_921254442146&num=6&ctx=25694704&cmp=28470308&plc=345047869&sid=7857561&advid=&adsrv=&unit=300x250&isdvvid=&uid=921254442146&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.10&dvpx_strhd=0.10&brid=3&brver=99&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&m1=13&noc=4&fcifrms=10&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=157&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D42A%3AE2%3D%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D42A%3AE2%3D%5DF2Tar9EEADTbpTauTau%602dc22f63e3d3a262cg_2%60%603_bc%60%60fhe%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=2.50&callbackName=__verify_callback_921254442146
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal109.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: c933e728143fe869db0c64b7a4579fe8a36a4d5b698e74d29e71de862a9e69a1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 Oct 2022 08:23:40 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: close
Expires: 10/18/2022 08:23:40

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 21FB 22 KB
8 KB 41ms
40ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 568054
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 18:36:06 GMT
expires: Thu, 12 Oct 2023 18:36:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 81B9 22 KB
8 KB 40ms
40ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 568054
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 18:36:06 GMT
expires: Thu, 12 Oct 2023 18:36:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js Show response
pagead2.googlesyndication.com/bg/ Frame 21FB 36 KB
16 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38b64cc14b9729f7f940791680967901ca67f5eccfe7c3f1afdf01bdf5030841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 16:55:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55665
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16062
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 16:55:55 GMT

GET
H3 200 OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js Show response
pagead2.googlesyndication.com/bg/ Frame 81B9 36 KB
16 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38b64cc14b9729f7f940791680967901ca67f5eccfe7c3f1afdf01bdf5030841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 16:55:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55665
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16062
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 16:55:55 GMT

POST
H/1.1 204
No Content bsevent.gif
rtbc-eu3.doubleverify.com/ Frame F57C 0
229 B 107ms
43ms Ping
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-eu3.doubleverify.com/bsevent.gif?flvr=0&impid=be9f1daacb364a9d98fb1871e9ae5cb8&vfdur=213&cbust=1666167820971724
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal109.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Wed, 19 Oct 2022 08:23:41 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: close
Expires: 10/18/2022 08:23:41

GET
H2 200 globalpassback_300x250.gif
cdn.besafe.global/ Frame F57C 13 KB
14 KB 209ms
51ms Image
image/gif 2600:9000:2451:f400:8:455e:4a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.besafe.global/globalpassback_300x250.gif
Requested by: Host: 1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com
URL: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2451:f400:8:455e:4a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 36819ca2340b20813e1d2eecff934810e65167f054d1f62cdbaf774f0136bfb4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 00:18:18 GMT
via: 1.1 fd6adecd7f5b53e89c348be67ee6afb8.cloudfront.net (CloudFront)
last-modified: Fri, 15 Jul 2022 20:03:12 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-P2
age: 29123
etag: "d52875943b6fe3d6acebdddae888df6c"
x-amz-meta-sha256: 36819ca2340b20813e1d2eecff934810e65167f054d1f62cdbaf774f0136bfb4
content-type: image/gif
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 13504
x-amz-cf-id: jL87osWykz6VPOaYopONjzCFn01ARUbq_eVgsmlPHGYyzC-7ET-40w==
x-amz-meta-s3b-last-modified: 20190925T154054Z

GET
H2 200 main.19.8.358.js Show response
static.adsafeprotected.com/ Frame F57C 195 KB
60 KB 161ms
46ms Script
application/javascript 2600:9000:2491:8e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.358.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10933&advId=1008913484&campId=18285790766&pubId=1&chanId=0&placementId=447380593&dealId=549644393847897261&adsafe_par&impId=ABAjH0jJMtrWnFIQmiBMB7XQXW8F&bidurl=https://www.capital.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:8e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: da42947db2dbc8b734af5c4824cc9d4b7dcf3c3e239ea97734c635124dbdd2f1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 23:05:15 GMT
x-amz-version-id: 0sn4_UL9l8bkgP3Aut8sG_7WwLSS70Jz
content-encoding: gzip
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 33507
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 18 Oct 2022 17:05:47 GMT
server: AmazonS3
etag: W/"85e0b2aa9650a8cf76c0baf4d5352463"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 9JhT4rHbCGa8ZMmx8xejfmCLtSe2oeQ72XZBocNakPtILJp8DfTbUg==

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CBCD 1 KB
643 B 39ms
39ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com
URL: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 32521
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 23:21:39 GMT
etag: 48472445140208031
expires: Wed, 19 Oct 2022 23:21:39 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F57C 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 228e2ebdecc19ec30840417c28828f14e32cdc22a9b80b3ed6f05c309f525709

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 204
No Content bsevent.gif
rtbc-eu3.doubleverify.com/ Frame BBE2 0
229 B 101ms
43ms Ping
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-eu3.doubleverify.com/bsevent.gif?flvr=0&impid=3d5f8d28cd7d48bab9548ed328d72901&vfdur=209&cbust=1666167821007622
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal109.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Wed, 19 Oct 2022 08:23:41 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: close
Expires: 10/18/2022 08:23:41

GET
H2 200 globalpassback_300x250.gif
cdn.besafe.global/ Frame BBE2 13 KB
14 KB 177ms
56ms Image
image/gif 2600:9000:2451:f400:8:455e:4a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.besafe.global/globalpassback_300x250.gif
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal109.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2451:f400:8:455e:4a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 36819ca2340b20813e1d2eecff934810e65167f054d1f62cdbaf774f0136bfb4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 00:18:18 GMT
via: 1.1 fd6adecd7f5b53e89c348be67ee6afb8.cloudfront.net (CloudFront)
last-modified: Fri, 15 Jul 2022 20:03:12 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-P2
age: 29123
etag: "d52875943b6fe3d6acebdddae888df6c"
x-amz-meta-sha256: 36819ca2340b20813e1d2eecff934810e65167f054d1f62cdbaf774f0136bfb4
content-type: image/gif
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 13504
x-amz-cf-id: OiL_MaiKMfnIe-qrLqce3MQ7Y4LAx9HnzmJUsfsJmNBnWGqOPBS7oQ==
x-amz-meta-s3b-last-modified: 20190925T154054Z

GET
H2 200 main.19.8.358.js Show response
static.adsafeprotected.com/ Frame BBE2 195 KB
60 KB 173ms
96ms Script
application/javascript 2600:9000:2491:8e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.358.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10933&advId=1008913484&campId=18285790766&pubId=1&chanId=0&placementId=447380593&dealId=549644393847897261&adsafe_par&impId=ABAjH0jMItkjj7ZBnkybMuoWA3Li&bidurl=https://www.capital.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:8e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: da42947db2dbc8b734af5c4824cc9d4b7dcf3c3e239ea97734c635124dbdd2f1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 23:05:15 GMT
x-amz-version-id: 0sn4_UL9l8bkgP3Aut8sG_7WwLSS70Jz
content-encoding: gzip
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 33507
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 18 Oct 2022 17:05:47 GMT
server: AmazonS3
etag: W/"85e0b2aa9650a8cf76c0baf4d5352463"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 6hRvVnRp2J9CZ58G71z3_gG7caXE3v5ySg2nkQmHNBy5ePzKz4-9uw==

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6623 1 KB
643 B 39ms
39ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com
URL: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 32522
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 23:21:39 GMT
etag: 48472445140208031
expires: Wed, 19 Oct 2022 23:21:39 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame BBE2 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4c7d07bc8666e331ff592c7f53c7a48880b17bc312af3484bfafc10f40685283

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame CBCD 35 B
464 B 140ms
41ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFjI9F4Rh8n_dua5PpLo8qg&google_cver=1&google_push=AZmPxg_rS6xU-B4dsDPdkMh8C9Kbux8DmMmPYu38quz95cK7N2IIiXZNkoR7-sc5Ebl40BzuPj4_ltgxPYcGVv1nV6dDeZiikQ1u

Requested by

Host: 1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com
URL: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:41 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame CBCD 43 B
351 B 97ms
33ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEPP_-hu6oJJC-o7dG1URUdU&google_cver=1&google_push=AZmPxg-FUAmBCxI46WFYLTN3xToQM9aUtJt73phZq3JaVAJuATblRTLZiu8C-YFmFzbS0Z7Xkoi3j4tE0A1_16VeEy1Qhs3aHaci
Requested by: Host: 1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com
URL: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:40 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: sfbcuvp6niegb87vjeel7jm2aug6vqq1

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame CBCD 0
41 B 340ms
35ms Image
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENEt7L4m-ZSGVuxuJ6g4uJw&google_cver=1&google_push=AZmPxg9Ruv1Xr4Fhr_V3u25P3J24KDd7M7WsvLNdfFghLm5nvO3m-pObZcfXrrd2g7Wti7Q_pfeuMyZ9NVuvhHHcyhS82U0CE9Zq
Requested by: Host: 1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com
URL: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Wed, 19 Oct 2022 08:23:41 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CBCD
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIlJap-rn8iXuDfKTjY9Tn8&google_cver=1&google_push=AZmPxg-U8PdcUKtoXs_1c5KvRI3xvfhrRH4wmzuLJ4tsRnWK-sryzQoVSKBKPjyp4RMP9uzcfer...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlGREFVVlktMU8tR0RIVQ==&google_push=AZmPxg-U8PdcUKtoXs_1c5KvRI3xvfhrRH4wmzuLJ4tsRnWK-sryzQoVSKBKPjyp4RMP9uzcfergGj5OUK7yRWKgq4Yj0yDLFe0

170 B
188 B

94ms
94ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlGREFVVlktMU8tR0RIVQ==&google_push=AZmPxg-U8PdcUKtoXs_1c5KvRI3xvfhrRH4wmzuLJ4tsRnWK-sryzQoVSKBKPjyp4RMP9uzcfergGj5OUK7yRWKgq4Yj0yDLFe0

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlGREFVVlktMU8tR0RIVQ==&google_push=AZmPxg-U8PdcUKtoXs_1c5KvRI3xvfhrRH4wmzuLJ4tsRnWK-sryzQoVSKBKPjyp4RMP9uzcfergGj5OUK7yRWKgq4Yj0yDLFe0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CBCD
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPTNepUc0QT6dkWrDGClOD0&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPTNepUc0QT6dkWrDGClOD0&google_hm=Y0-0DMsXXDxYwh0x9VY2sgAADRkAAAAB&google_nid=index&google_push=AZmPxg8H1DtqE2bz-SSeSCe0fTXjDFijWVoFE...

170 B
188 B

81ms
81ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPTNepUc0QT6dkWrDGClOD0&google_hm=Y0-0DMsXXDxYwh0x9VY2sgAADRkAAAAB&google_nid=index&google_push=AZmPxg8H1DtqE2bz-SSeSCe0fTXjDFijWVoFE4ntj_01TN8PeYVSz7oyUQEVGAU4UmnoCkwBJSUNxJfsfwnpWGy4sP7-yar4E34

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3tkORN3ZovbOPFBrg%2BejmQmKjJljMlSyLqXb4B83rYwbCVRlSJ%2BKpNv1t%2BOswMopHqaLeMULOgF47ZFjtqlD3bGTmBH7gAZJUeR6Dsz5d6o%2BCFCR48ENLd8otlVS7cVHpUxPwr0Sw7t1oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPTNepUc0QT6dkWrDGClOD0&google_hm=Y0-0DMsXXDxYwh0x9VY2sgAADRkAAAAB&google_nid=index&google_push=AZmPxg8H1DtqE2bz-SSeSCe0fTXjDFijWVoFE4ntj_01TN8PeYVSz7oyUQEVGAU4UmnoCkwBJSUNxJfsfwnpWGy4sP7-yar4E34
cache-control: no-cache
cf-ray: 75c81cf28ca27743-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame CBCD 43 B
297 B 344ms
43ms Image
image/gif 2a05:d01c:1d8:8101:cfdc:31d9:d343:7a95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEHnE18bo8oZW1iUV3hjy0WM&google_cver=1&google_push=AZmPxg8rwZ9tFVGUt7F7_HwfVwzzz07mjtYDBj9C0dK5rWfGpC8z-YzWtwADgSQOWAUUzSkZTwL8lFoCfpEmUL1bFDus07EHTCDu
Requested by: Host: 1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com
URL: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:cfdc:31d9:d343:7a95 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 19 Oct 2022 08:23:41 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET googleredir
googlecm.hit.gemius.pl/ Frame CBCD 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame CBCD 0
12 B 50ms
50ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LPhMOzCOJbPNwFyDz4wCjFrhWk9Pflrm09vOU5ybswQOrh4t6OuU7pwivvGbos1ty_G3D31w

Requested by

Host: 1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com
URL: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:23:41 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame 6623 35 B
463 B 137ms
42ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFjI9F4Rh8n_dua5PpLo8qg&google_cver=1&google_push=AZmPxg9vhXCAIn4Xz_PxBRP2WHj0y_i8ux9i5XVKssCRhbWy8kxB5qc82rmtQUyU_wlmXA4VFKXjj1UWHLR3cB9cUV_mZYKSliMCEg

Requested by

Host: 1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com
URL: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:41 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 6623 43 B
356 B 129ms
41ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEOvXQ_QJpwufNwwGuapcSIk&google_push=AZmPxg-hVsMLRabKpA5ewSCRHJC2H5kkFahLkMwNb7FnGGh4xOY1UtmwGyPfBrN-uPziaEO0sMGwycIv5m1xYCVVPqnTXDnlpr3ECg&google_cver=1
Requested by: Host: 1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com
URL: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:41 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 6623 43 B
135 B 94ms
34ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEPP_-hu6oJJC-o7dG1URUdU&google_cver=1&google_push=AZmPxg_EqkrKk8PZr_-ZLWwoHSQ5_pcUh08WkwExcia0ldOxXuJD3Oe4Nh1CldvvPLQnLgT8LzufYNVaCoeWrbY238l1nS7EGeRx
Requested by: Host: 1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com
URL: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:40 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: ve2k4fgkp90pnie5vuntg60k6ag3bvht

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 6623 0
166 B 334ms
34ms Image
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENEt7L4m-ZSGVuxuJ6g4uJw&google_cver=1&google_push=AZmPxg-XIiJeBIBw_H3NiRu3C-RLT2n_AwCIIIq9jUwF-RE3GX7sX6ME5jG8LKNTsieUSPbnrNSDQzExgaJrcRXpSLQx_gNv2r6NTA
Requested by: Host: 1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com
URL: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Wed, 19 Oct 2022 08:23:41 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6623
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIlJap-rn8iXuDfKTjY9Tn8&google_cver=1&google_push=AZmPxg9n4fFBQqAvNysmF0HfS28JZpbdam0PIfu0bBX-3iBCm0CI3_CeICUauzxjYPEHEsG8Aql...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlGREFVVlktVS0ySEk=&google_push=AZmPxg9n4fFBQqAvNysmF0HfS28JZpbdam0PIfu0bBX-3iBCm0CI3_CeICUauzxjYPEHEsG8Aqlv4sGnMHv2zw_XCqC8wSXphHaODA

170 B
188 B

104ms
103ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlGREFVVlktVS0ySEk=&google_push=AZmPxg9n4fFBQqAvNysmF0HfS28JZpbdam0PIfu0bBX-3iBCm0CI3_CeICUauzxjYPEHEsG8Aqlv4sGnMHv2zw_XCqC8wSXphHaODA

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlGREFVVlktVS0ySEk=&google_push=AZmPxg9n4fFBQqAvNysmF0HfS28JZpbdam0PIfu0bBX-3iBCm0CI3_CeICUauzxjYPEHEsG8Aqlv4sGnMHv2zw_XCqC8wSXphHaODA
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6623
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPTNepUc0QT6dkWrDGClOD0&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPTNepUc0QT6dkWrDGClOD0&google_hm=Y0-0DMsXXDxYwh0x9VY2sgAADRkAAAAB&google_nid=index&google_push=AZmPxg8E8LWvwvc2AQ1Jd0Mc-NR-jVEOl-YDN...

170 B
188 B

70ms
70ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPTNepUc0QT6dkWrDGClOD0&google_hm=Y0-0DMsXXDxYwh0x9VY2sgAADRkAAAAB&google_nid=index&google_push=AZmPxg8E8LWvwvc2AQ1Jd0Mc-NR-jVEOl-YDNh0l2TmWztHdI_PsIdJfD2hbsav-HL2qWC1oyifwE7VRbc55GVktwbdCm2RTNfVHxg

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aT9S662J0TptVcKds%2B54SYrj30Kk%2B7M1tNBKnXwkdIor4k49ovfs%2BqwQyUMenk3GDIDZns7PjNzekVH2ey%2FksKZ1CikwaGTn6x4EeWmjfEkSu5OEw4NQUI9ppBcY2a47ucL%2F4sObJq%2FTng%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPTNepUc0QT6dkWrDGClOD0&google_hm=Y0-0DMsXXDxYwh0x9VY2sgAADRkAAAAB&google_nid=index&google_push=AZmPxg8E8LWvwvc2AQ1Jd0Mc-NR-jVEOl-YDNh0l2TmWztHdI_PsIdJfD2hbsav-HL2qWC1oyifwE7VRbc55GVktwbdCm2RTNfVHxg
cache-control: no-cache
cf-ray: 75c81cf28ca47743-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 6623 43 B
296 B 341ms
45ms Image
image/gif 2a05:d01c:1d8:8101:cfdc:31d9:d343:7a95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEHnE18bo8oZW1iUV3hjy0WM&google_cver=1&google_push=AZmPxg8wCFmtIv2Afoj2F4onmW5W0N1CVoJsdKiXmVl3OwgLx-KoIsD92FPxSEZEqfIdBETG3_3htEM_E69qP-oSrH3NgsEamPhXBQ
Requested by: Host: 1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com
URL: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:cfdc:31d9:d343:7a95 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 19 Oct 2022 08:23:41 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6623 0
12 B 52ms
50ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JBUUE6V0b5FgIlOZV5fKHrATmCQyr38rO0rBv0rEVxGMFq-pQp8hHhwM2b0nRtfonldYiB

Requested by

Host: 1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com
URL: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:23:41 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 81B9 0
20 B 80ms
80ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BE-QQDLRPY7eGJ5iNgQeK-4yACAAAAAA4AeAEAg&bg=!5Oel56PNAAYeOJy_Pjg7ACkAdvg8WoRKbJ7UeNxOkMPN4vfQJINRi3g8J1peyCLCf31ByqkaD_Fl0gIAAAB9UgAAAAJoAQcKAEinRYicfKPFavUjAUx7BMx97m3W_biXYrMUJerzXV7qdZBufBTRpfkhjM1Kd0yD7WwxKz2PmT2Eap-0sC_L1QQH85BwM0kjJ7qZAwHi5koriiFthXhmJmQ0PaznJx80aJIRz9Fuy6APgjnZXGRrdFshgUCuNd6cOB2qVkJoH4hM9S8xtiBwtbJGVc9sPWIdJCbjrC8BmVvfgrkFzMREs-WgN88NGMDEg9M1Aaa2SwI2lZ-ydn1DKG51UXlPPgvmOWWzmWgCOtj9DK0tpO9iYoaaIthIOFPKwf7sQdQC7JmOwltgh7Zl08MZo2yX6eWI_Qd7CNe09BkS7c3F3mRUF1750G01DxDxy3kEWhN1Uak4tzOWrA4DZLVZJKydQ7eOyCNmUyd1AGnSun0Y2w13ycfAb7j-qWBPUjB_nO0XF3wN6gvCVlkX6Wno7EZo2rxy39yGLTfkJ6bHor-_lHSrIIJkb59Sk41LPpehlr6dnVeKJx1LQaga2VpoNYwAsYYZN2w9ZOLSyzV2bkOD9cra_mQo1Gn0F7vw1GfYVrNelVgaR_IeHGQECUp_vffExHEa0ISXcM4X-NG1GXf6poAayqp8Ctwds1J6zGXbXGMypni2841uHHxcoOSHlr7nOKF7YbI1adEt7potnuTnHPP6-BdctoGDbBfDzQvgzbXe-hLbg2W__27mzqjW0XCZAUBjJRKWHU8UjIE_Crk3NJXWS4xiIqEOg03d4COWfztQ5z4w6dNdZZ1FbxANfC7EsijrB-pSeveG8BKK74MH2a1bzqc2llu6xCtbRTqLmy1agCEgYrixZnvogErr-O4_Qvau270eclniLoa8lJwlZY3OfcKtAFoiAWjA6fd5V2kPR6ip82eL2ALRxwWemW64UnNuLzUXyfhyWwAoXIl1IXomaH5GQl3anfDoFLzjHwDPoitf4rKSKo8z6PG3AyUznuk8YXXdfp6M3jIGxQFLeJMF0t0fuBsS2GPfHgJ5mRevR6PFiC3KkzDT267cgliU1tTyEGrN_yKblzCyu5OythYSh8s7Fc4kPgCU-9YgvlYDn_LqHWqWdLOXYySyAOqJAN_TA78V1_NYWKKr1pmdLZfm1fOMMmAVEAsgW0xzRS-d

Requested by

Host: 1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com
URL: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 21FB 0
20 B 80ms
80ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BEeeDDLRPY6qoJ5aagQf4hYywAQAAAAA4AeAEAg&bg=!y8ilyIzNAAYeOJy_Pjg7ACkAdvg8WqICRcERV-jXe3ComtjVlrw5ZSU7ByuAFgQIjYfpmFHsEEVaHwIAAACQUgAAAAJoAQeZAux9vpdTMBa3pgwsW2y3BoGc5RaB2WX_86B64rmGDOZWKQjLrhxLSkemSpXC0-Kzq0C283HNFdEFJwiVAjERrawLAp5B6nqSgTtTKYyLqdN9AkKeqF6ja-QMvW-mqVeEf3h4lUVq5feE3LS3fgtPgCt9cizmZ6k6fYf37b0ADHbzh8hjgLsgif8JeH7HJuyMso8dlfANcuZvH66m3J_3rzYX1QUvzmnb4JFzrpHIfQepnGq24f0RP3JWPUVsnJI8tohDijO8EJi7jI7NKMIRXOhIrHYtc-LDH94CIBzNqhBuDsydCZ75IfDDIQ-zdcbpeMzGGa5MgIVeb5ULgtC7I7A9Pd9BmRG_l80GnOrICKeDxZwpyHTpsbJRYRjUTwddFtjdhB-OzZJ7XZrtna08EzF9-bJ8UApgGOi1-geEWlFbZuTyKN_sk8SXXXo6L7sKqHcT-nVgZOC0XxcOzqlNAsyRlEzXYfMy2-SSYLNtTHfnq3429vZwklV7Oi3WCeS-sEGWPe9YewQzFa5hrr0tPBEXT4g1lXHKuDhA77isrEOU8vaoqP2ZJVUifM2ilgTMl3GGcFqFoyB6qv58bDry2yhsAmBiJtIuC2VtR18dVawAy1Mga1pbiDh3d323itn6nK_dfHP6udhpmSBMhJ77hhjen8_EhxJqDrFf_6IPhwwzhBpRlCcTRN2jE5LiYi5XVXrA88zbNby8RrZeCGd1GSWmyyzvVBTmeLOjwECbPJNo2PYL6DFobHq26kfnn0jh2jTbjKGsU5QabSblXQL0uTUOumAcxsHNX10VKqn0HkLzdV-chFVs0voeGEc5cEC43-I4hoEvrvCpyI-RX4juyU4RJWKvby8R8jDX-5-iZO_ARepv5qkLaTqxGitMjILV7ytI65bMVf5g5wYeDah0gZf_5XjEKN1ycFpHSuV9RlCUi0b_6nZ6mW3FRTWRN6FMEk4Xo9dIeJCusEIbDJ33zolGN3HtisZDZNKC5dW0

Requested by

Host: 1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com
URL: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame EC81 91 KB
23 KB 43ms
43ms Script
application/javascript 2600:9000:2491:8e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com
URL: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:8e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 2393245
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: cdGCp3E0Hg0p7rszZ9YyJ5ASoWQ2PLY6RhULl-ElCL1BcgBRLDZ5KA==

GET
H2 200 mon
pixel.adsafeprotected.com/ Frame F57C 43 B
216 B 59ms
59ms Image
image/gif 52.208.57.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10933&advId=1008913484&campId=18285790766&pubId=1&chanId=0&placementId=447380593&dealId=549644393847897261&adsafe_par&impId=ABAjH0jJMtrWnFIQmiBMB7XQXW8F&bidurl=https://www.capital.ua/&adsafe_url=https%3A%2F%2Fwww.capital.ua&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.capital.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:bb97304b-42a8-52e4-a8e2-0180fc8d72e1,c:rtzKHL,sl:na,em:true,fr:false,thd:1,mn:jsserver-experiment-primary-645fdb8c57-d4qr8,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:235,mot:0,app:0,maw:0,fm:tkHcnpO+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19*.10933%7C191%7C192%7C193%7C194%7C1a1%7C1a2%7C1a3%7C1a4,idMap:19*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:254,oid:565edc8c-4f87-11ed-9212-8a9f11405bec,v:19.8.358,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.57.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-57-60.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:41 GMT
server: nginx
x-server-name: app09.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F57C 43 B
215 B 446ms
129ms Image
image/gif 2600:1f18:1aca:4280:a871:9680:529f:f9f1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=bb97304b-42a8-52e4-a8e2-0180fc8d72e1&tv=%7Bc:rtzKI7,pingTime:-3,time:275,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:253%7D,%7Bpiv:0,vs:o,r:l,t:274%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:275,n:274,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:253,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B36~1,0~0%5D,as:%5B36~300.250%5D%7D%7D,%7Bsl:o,t:274,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tkHcnpO+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19*.10933%7C191%7C192%7C193%7C194%7C1a1%7C1a2%7C1a3%7C1a4,idMap:19*,rmeas:1,rend:1,renddet:IMG.qs,siq:254%7D&br=c
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:a871:9680:529f:f9f1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:41 GMT
server: nginx
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F57C 43 B
216 B 442ms
128ms Image
image/gif 2600:1f18:1aca:4280:a871:9680:529f:f9f1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=bb97304b-42a8-52e4-a8e2-0180fc8d72e1&tv=%7Bc:rtzKI8,pingTime:-6,time:276,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:276,n:274,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:253,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B36~1,0~0%5D,as:%5B36~300.250%5D%7D%7D,%7Bsl:o,t:274,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B2~0%5D,as:%5B2~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tkHcnpO+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19*.10933%7C191%7C192%7C193%7C194%7C1a1%7C1a2%7C1a3%7C1a4,idMap:19*,rmeas:1,rend:1,renddet:IMG.qs,siq:254%7D&tpiLookup=ao:www.capital.ua*&br=c
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:a871:9680:529f:f9f1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:41 GMT
server: nginx
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F57C 43 B
215 B 438ms
128ms Image
image/gif 2600:1f18:1aca:4280:a871:9680:529f:f9f1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=bb97304b-42a8-52e4-a8e2-0180fc8d72e1&tv=%7Bc:rtzKIe,pingTime:0,time:282,type:pf,im:%7Bsf:0%7D,sca:%7Bdfp:%7Bdf:4,sz:300.272,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:253%7D,%7Bpiv:0,vs:o,r:l,t:274%7D,%7Bpiv:100,vs:i,r:,t:282%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:282,n:274,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:253,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B36~1,0~0%5D,as:%5B36~300.250%5D%7D%7D,%7Bsl:o,t:274,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B8~0%5D,as:%5B8~300.250%5D%7D%7D,%7Bsl:i,t:282,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B0~100%5D,as:%5B0~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:0,fm:tkHcnpO+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19*.10933%7C191%7C192%7C193%7C194%7C1a1%7C1a2%7C1a3%7C1a4,idMap:19*,rmeas:1,rend:1,renddet:IMG.qs,siq:254%7D&br=c
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:a871:9680:529f:f9f1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:41 GMT
server: nginx
x-server-name: dt03.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 lato.woff2
cdn.gravitec.net/fonts/ 14 KB
14 KB 37ms
37ms Font
application/octet-stream 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/fonts/lato.woff2
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Request headers

Referer: https://www.capital.ua/
Origin: https://www.capital.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Wed, 02 Feb 2022 09:06:28 GMT
date: Wed, 19 Oct 2022 08:23:41 GMT
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: "61fa486f-36dc"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=10
accept-ranges: bytes
content-length: 14044
x-proxy-cache: HIT

GET
H3

200

/
www.facebook.com/login/ Frame DBBB
Redirect Chain

https://www.facebook.com/v2.3/plugins/page.php?adapt_container_width=true&app_id=349712125128014&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfba6...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D349712125128014%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook....

0
0

193ms
192ms

Document
text/html

2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D349712125128014%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Dfba6ab1840e08%2526domain%253Dwww.capital.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.capital.ua%25252Ff121bba1047f688%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fcapitalukraine%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dtrue

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=7e422b2ecbd22513179166f78c9b31a5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.capital.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 19 Oct 2022 08:23:41 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=0
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: OfubzK51krn1a20P+Xiu5LVnzp7jhC27GoqLrf8tYrrtGA6WGQSvIfMjlmZ6EiExx6ia34kaq2+Pvl34sQW3UA==
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Wed, 19 Oct 2022 08:23:41 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v8.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D349712125128014%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Dfba6ab1840e08%2526domain%253Dwww.capital.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.capital.ua%25252Ff121bba1047f688%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fcapitalukraine%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dtrue
pragma: no-cache
priority: u=3,i
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: bYNoDGEc++sReQL2NcdgcuHONbbanSG7Op7rgbm6ZIqY6xKWp2N/8041ZYyrAsYWiQPVTrLXmzRZE7geiuizKg==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 137ms
56ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022101301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24f606534676efa249cf3bc2bdada651b56502aa9121e8cbf898eb39ba405e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:23:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11212
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F57C 43 B
215 B 426ms
130ms Image
image/gif 2600:1f18:1aca:4280:a871:9680:529f:f9f1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=bb97304b-42a8-52e4-a8e2-0180fc8d72e1&tv=%7Bc:rtzKIs,pingTime:-2,time:296,type:a,im:%7Bpom:1,prf:%7BbeA:635,beZ:636,mfA:870,cmA:871,inA:872,inZ:875,prA:875,prZ:880,si:889,poA:890,poZ:903,cmZ:903,mfZ:903,loA:911,loZ:913,ltA:931,ltZ:931,mdA:636,mdZ:843%7D%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:253%7D,%7Bpiv:0,vs:o,r:l,t:274%7D,%7Bpiv:100,vs:i,r:,t:282%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:14,o:282,n:274,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:253,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B36~1,0~0%5D,as:%5B36~300.250%5D%7D%7D,%7Bsl:o,t:274,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B8~0%5D,as:%5B8~300.250%5D%7D%7D,%7Bsl:i,t:282,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B14~100%5D,as:%5B14~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:0,fm:tkHcnpO+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19*.10933%7C191%7C192%7C193%7C194%7C1a1%7C1a2%7C1a3%7C1a4,idMap:19*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:IMG.qs,siq:254,sinceFw:41,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:a871:9680:529f:f9f1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:41 GMT
server: nginx
x-server-name: dt18.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 451C 91 KB
23 KB 42ms
40ms Script
application/javascript 2600:9000:2491:8e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com
URL: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:8e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 2393245
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: eVWTgqwAqEJ3tv2DgQfOfXLt6cz9OokPWs0kB4W2OEGNDx87ImubXw==

GET
H2 200 mon
pixel.adsafeprotected.com/ Frame BBE2 43 B
216 B 47ms
46ms Image
image/gif 52.208.57.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10933&advId=1008913484&campId=18285790766&pubId=1&chanId=0&placementId=447380593&dealId=549644393847897261&adsafe_par&impId=ABAjH0jMItkjj7ZBnkybMuoWA3Li&bidurl=https://www.capital.ua/&adsafe_url=https%3A%2F%2Fwww.capital.ua&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.capital.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:d79678da-244b-63fb-3b50-ac99c89b828b,c:rtzKIz,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-5b58464db-cz98n,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:259,mot:0,app:0,maw:0,fm:tkHcnqq+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C193%7C194%7C195%7C1a*.10933%7C1a1%7C1a2%7C1a3%7C1a4%7C1b,idMap:1a*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:265,oid:565f2aee-4f87-11ed-94a6-923688ab96a8,v:19.8.358,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.57.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-57-60.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:41 GMT
server: nginx
x-server-name: app18.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame BBE2 43 B
215 B 406ms
129ms Image
image/gif 2600:1f18:1aca:4280:a871:9680:529f:f9f1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=d79678da-244b-63fb-3b50-ac99c89b828b&tv=%7Bc:rtzKIL,pingTime:-3,time:277,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:265%7D,%7Bpiv:0,vs:o,r:l,t:277%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:277,n:277,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:265,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B17~1,0~0%5D,as:%5B17~300.250%5D%7D%7D,%7Bsl:o,t:277,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B0~0%5D,as:%5B0~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tkHcnqq+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C193%7C194%7C195%7C1a*.10933%7C1a1%7C1a2%7C1a3%7C1a4%7C1b,idMap:1a*,rmeas:1,rend:1,renddet:IMG.qs,siq:265%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:a871:9680:529f:f9f1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:41 GMT
server: nginx
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame BBE2 43 B
215 B 521ms
245ms Image
image/gif 2600:1f18:1aca:4280:a871:9680:529f:f9f1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=d79678da-244b-63fb-3b50-ac99c89b828b&tv=%7Bc:rtzKIM,pingTime:-6,time:278,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:278,n:277,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:265,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B17~1,0~0%5D,as:%5B17~300.250%5D%7D%7D,%7Bsl:o,t:277,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tkHcnqq+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C193%7C194%7C195%7C1a*.10933%7C1a1%7C1a2%7C1a3%7C1a4%7C1b,idMap:1a*,rmeas:1,rend:1,renddet:IMG.qs,siq:265%7D&tpiLookup=ao:www.capital.ua*&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:a871:9680:529f:f9f1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:41 GMT
server: nginx
x-server-name: dt17.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame BBE2 43 B
215 B 517ms
243ms Image
image/gif 2600:1f18:1aca:4280:a871:9680:529f:f9f1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=d79678da-244b-63fb-3b50-ac99c89b828b&tv=%7Bc:rtzKIP,pingTime:0,time:281,type:pf,im:%7Bsf:0%7D,sca:%7Bdfp:%7Bdf:4,sz:300.272,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:265%7D,%7Bpiv:0,vs:o,r:l,t:277%7D,%7Bpiv:100,vs:i,r:,t:281%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:281,n:277,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:265,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B17~1,0~0%5D,as:%5B17~300.250%5D%7D%7D,%7Bsl:o,t:277,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B4~0%5D,as:%5B4~300.250%5D%7D%7D,%7Bsl:i,t:281,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B0~100%5D,as:%5B0~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:0,fm:tkHcnpO+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19.10933%7C191%7C192%7C193%7C194%7C195%7C1a*.10933%7C1a1%7C1a2%7C1a3%7C1a4%7C1b,idMap:1a*,rmeas:1,rend:1,renddet:IMG.qs,siq:265%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:a871:9680:529f:f9f1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:41 GMT
server: nginx
x-server-name: dt15.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame BBE2 43 B
215 B 516ms
247ms Image
image/gif 2600:1f18:1aca:4280:a871:9680:529f:f9f1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=d79678da-244b-63fb-3b50-ac99c89b828b&tv=%7Bc:rtzKIT,pingTime:-2,time:285,type:a,im:%7Bpom:1,prf:%7BbeA:657,beZ:658,mfA:916,cmA:916,inA:916,inZ:917,prA:917,prZ:920,si:922,poA:923,poZ:930,cmZ:930,mfZ:930,loA:935,loZ:936,ltA:943,ltZ:943,mdA:658,mdZ:860%7D%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:265%7D,%7Bpiv:0,vs:o,r:l,t:277%7D,%7Bpiv:100,vs:i,r:,t:281%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5,o:281,n:277,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:265,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B17~1,0~0%5D,as:%5B17~300.250%5D%7D%7D,%7Bsl:o,t:277,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B4~0%5D,as:%5B4~300.250%5D%7D%7D,%7Bsl:i,t:281,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5~100%5D,as:%5B5~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:0,fm:tkHcnpO+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19.10933%7C191%7C192%7C193%7C194%7C195%7C1a*.10933%7C1a1%7C1a2%7C1a3%7C1a4%7C1b,idMap:1a*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,siq:265,sinceFw:20,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:a871:9680:529f:f9f1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:41 GMT
server: nginx
x-server-name: dt14.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 sourcesanspro.woff2
cdn.gravitec.net/fonts/ 8 KB
8 KB 33ms
33ms Font
application/octet-stream 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/fonts/sourcesanspro.woff2
Requested by: Host: www.capital.ua
URL: https://www.capital.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2bc69c1c1c4bf49e80a77f83010c01e575fd6922229943b9feb8864a492ac441

Request headers

Referer: https://www.capital.ua/
Origin: https://www.capital.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Wed, 02 Feb 2022 09:06:29 GMT
date: Wed, 19 Oct 2022 08:23:41 GMT
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: "61fa486f-1e44"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=10
accept-ranges: bytes
content-length: 7748
x-proxy-cache: HIT

GET
H2 200 946939071.jpeg
cdn.gravitec.net/images/users/1649310270269423616/ 4 KB
4 KB 30ms
29ms Image
image/jpeg 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gravitec.net/images/users/1649310270269423616/946939071.jpeg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: dcaf67aaced809a8a66e31ea3e7c0623de21c3a3509f3af9e70574bc9d420dce

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
date: Wed, 19 Oct 2022 08:23:41 GMT
last-modified: Mon, 04 Nov 2019 22:02:49 GMT
server: nginx
etag: "5dc0a009-e27"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 3623
x-proxy-cache: HIT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:23:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 19 Oct 2022 08:23:41 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2E69 13 KB
5 KB 44ms
41ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.capital.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1762
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 07:54:19 GMT
expires: Thu, 19 Oct 2023 07:54:19 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 97E8 783 B
536 B 51ms
50ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b0e3511da30f023f4e84ab19ec938d9c764d3b966e3296b1d582c9809d289787

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iwbD-KU6gkjNDO8-Z9zH4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.capital.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-iwbD-KU6gkjNDO8-Z9zH4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 08:23:41 GMT
expires: Wed, 19 Oct 2022 08:23:41 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F57C 43 B
215 B 182ms
182ms Image
image/gif 2600:1f18:1aca:4280:a871:9680:529f:f9f1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=bb97304b-42a8-52e4-a8e2-0180fc8d72e1&tv=%7Bc:rtzKOi,pingTime:-10,time:658,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTkuMC40ODQ0LjUxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1666167821630%7C%7Cddeeb32f5f22731801e690333c8a5b32%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7C1b7838071ec51d9523bdb5a436bca059%7C%7Cd2ea2a4fe573d16305b3210e768b7f51%7C%7Cb3723d3348f47aa4faf68a00c70fd319%7C%7C2858a99cb674753a2e996e9bdfb45054%7C%7C238dd1fddc69b810d60afb2bf558ce71%7C%7C1663701684%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:a871:9680:529f:f9f1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:41 GMT
server: nginx
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 97E8 0
0 73ms
72ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022101301&jk=2506732229346338&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js Show response
pagead2.googlesyndication.com/bg/ Frame 2E69 36 KB
16 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38b64cc14b9729f7f940791680967901ca67f5eccfe7c3f1afdf01bdf5030841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 16:55:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55666
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16062
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 16:55:55 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2E69 0
10 B 40ms
40ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?xA618g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:23:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame BBE2 43 B
215 B 129ms
129ms Image
image/gif 2600:1f18:1aca:4280:a871:9680:529f:f9f1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=d79678da-244b-63fb-3b50-ac99c89b828b&tv=%7Bc:rtzKXO,pingTime:-10,time:1210,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTkuMC40ODQ0LjUxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1666167821630%7C%7Cddeeb32f5f22731801e690333c8a5b32%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7C1b7838071ec51d9523bdb5a436bca059%7C%7Cd2ea2a4fe573d16305b3210e768b7f51%7C%7Cb3723d3348f47aa4faf68a00c70fd319%7C%7C2858a99cb674753a2e996e9bdfb45054%7C%7C238dd1fddc69b810d60afb2bf558ce71%7C%7C1663701684,sca:%7Bspg:bb97304b-42a8-52e4-a8e2-0180fc8d72e1%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:a871:9680:529f:f9f1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:42 GMT
server: nginx
x-server-name: dt14.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BBE2 42 B
64 B 84ms
83ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssk6ShO__tR1jq-DnbhjAKQZnbo03gOA0DRbXKfQ3vpcjRu7_MYM_b1W4-Wss8jTBnknAXNwxYz-tzZxqcc6dncyG930g6aHyQxWn4cMyk-BCkX151dAR9TMSEDctKYHBwnB4RRsA&sai=AMfl-YRH4NA5kcXP8qHTWLl5ZvWVt22ABLp53cFSGwcWOdJ-fxv-fYHFvAfPvEXCJhLpOBk3R32IgF-AKkzrrKYSb7j5W8ulGhmlF1UvmR0_MttkEYeGdQ_plFnuNHg2OQ&sig=Cg0ArKJSzFMUEoTW27qgEAE&cid=CAQSOwDq26N9ZY-4HtrTq9eNSCw9ylA1jkIl1cUCKTrhnRQxbD37Abq9vx3umWzna3ZWsyYa9-N2YPbxXfHUGAEgDg&id=lidar2&mcvt=1000&p=746,1124,1018,1424&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=0.92&if=1&app=0&itpl=20&adk=465682209&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666167820353&rpt=847&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F57C 42 B
64 B 83ms
83ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvBFpAM9AkZ-zMkXhTi2RX86X3UOsv1HUEpH0vMst6Grt5xEPk8YvZpwIq07i-sny2bdF_FC5gvmgNcUca-QcKUCXU52jbt268TidOqDlxbnEYAF8gQUbMIMfTrZXzRTYdaXUosMA&sai=AMfl-YRSHNir6wUSiEyTcHQcrqkjQftuBeHhhYLauN1kORGLWEkVYFMch77o6rkWe-_R3GHS0n9vQQcBoHRWAc_jTIZFLlDISDMMarHe-O_9Dn2oAYnZ6ZptSlUFvdr7Lw&sig=Cg0ArKJSzBHJMXTzcW3aEAE&cid=CAQSOwDq26N9ZY-4HtrTq9eNSCw9ylA1jkIl1cUCKTrhnRQxbD37Abq9vx3umWzna3ZWsyYa9-N2YPbxXfHUGAEgDg&id=lidar2&mcvt=1002&p=328,1124,600,1424&mtos=0,1002,1002,1002,1002&tos=0,1002,0,0,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=0.92&if=1&app=0&itpl=20&adk=2673231228&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666167820337&rpt=856&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F57C 43 B
215 B 129ms
128ms Image
image/gif 2600:1f18:1aca:4280:a871:9680:529f:f9f1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=bb97304b-42a8-52e4-a8e2-0180fc8d72e1&tv=%7Bc:rtzKYn,pingTime:1,time:1283,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:253%7D,%7Bpiv:0,vs:o,r:l,t:274%7D,%7Bpiv:100,vs:i,r:,t:282%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1001,o:282,n:274,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:253,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B36~1,0~0%5D,as:%5B36~300.250%5D%7D%7D,%7Bsl:o,t:274,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B8~0%5D,as:%5B8~300.250%5D%7D%7D,%7Bsl:i,t:282,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:190,fm:tkHcnpO+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19*.10933%7C191%7C192%7C193%7C194%7C1a.10933%7C1a1%7C1a2%7C1a3%7C1a4,idMap:19*,rmeas:1,rend:1,renddet:IMG.qs,siq:254,sis:328%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:a871:9680:529f:f9f1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:42 GMT
server: nginx
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F57C 43 B
215 B 129ms
128ms Image
image/gif 2600:1f18:1aca:4280:a871:9680:529f:f9f1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=bb97304b-42a8-52e4-a8e2-0180fc8d72e1&tv=%7Bc:rtzKYn,pingTime:1,time:1283,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:253%7D,%7Bpiv:0,vs:o,r:l,t:274%7D,%7Bpiv:100,vs:i,r:,t:282%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1001,o:282,n:274,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:253,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B36~1,0~0%5D,as:%5B36~300.250%5D%7D%7D,%7Bsl:o,t:274,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B8~0%5D,as:%5B8~300.250%5D%7D%7D,%7Bsl:i,t:282,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:190,fm:tkHcnpO+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19*.10933%7C191%7C192%7C193%7C194%7C1a.10933%7C1a1%7C1a2%7C1a3%7C1a4,idMap:19*,rmeas:1,rend:1,renddet:IMG.qs,siq:254,sis:328,metricId:publ1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:a871:9680:529f:f9f1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:42 GMT
server: nginx
x-server-name: dt16.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F57C 43 B
215 B 129ms
129ms Image
image/gif 2600:1f18:1aca:4280:a871:9680:529f:f9f1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=bb97304b-42a8-52e4-a8e2-0180fc8d72e1&tv=%7Bc:rtzKYn,pingTime:1,time:1283,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:253%7D,%7Bpiv:0,vs:o,r:l,t:274%7D,%7Bpiv:100,vs:i,r:,t:282%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1001,o:282,n:274,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:253,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B36~1,0~0%5D,as:%5B36~300.250%5D%7D%7D,%7Bsl:o,t:274,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B8~0%5D,as:%5B8~300.250%5D%7D%7D,%7Bsl:i,t:282,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:190,fm:tkHcnpO+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19*.10933%7C191%7C192%7C193%7C194%7C1a.10933%7C1a1%7C1a2%7C1a3%7C1a4,idMap:19*,rmeas:1,rend:1,renddet:IMG.qs,siq:254,sis:328,metricId:grpm1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:a871:9680:529f:f9f1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:42 GMT
server: nginx
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 76ms
76ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022101301&jk=2506732229346338&bg=!hYalhsLNAAYeOJy_Pjg7ACkAdvg8WkAEoD15tWfQJHw3oGzzZUjKw0446SNvS-Y2_AMyofc17WaeDwIAAABOUgAAAAJoAQcKAHmAyLmTgz9DETDvFO_KeVpmakQA8OGZPskgAFN3E-EqHAl7f0CpVs2xB6NCwKGv38ABwWnCeBwY-7Vm6-5AblD2fx1qpoOPfdVvtdCI4h39zGtlTf5Pz4Tw3jYDFGcQ7lYbaDBVlRF2HTC2536DQNLpNTI3zdxJYQS-mQKoMTSaHyW03xm7E5yR5Y_bvbtfvEzTLe97QR60sjCIj23c9kvBZRoIu0SWWSEdvZFsmXD9jBVTm91rZIbL7P5OpDSzWv5Pur8QOgPTdrNLNH5tD-6iAzVNt4F1jmNmEA20bM7mPu2W3pjjPVSixjSmOQBmtUVt2003hOPBB8m6_Ho5ygLeFw6CxKl8hxQP9qMs1j_en8IZHtarI7n0RHNeATvKMhAFg51CO4DzSteDsNspqv6utIOCw6AlpMb1uNzuJ3rvvhUJlEyZ-J4BIvRP2XbPYtxVl-iVAUd_wmc-qR1_PZXik_JFSoYKbutVTXhRhaZF2yYRBDKruli5Z1C-wD4Gv-GE1AUa1QeX3g0gR89RdVuJyN8a9-JzpIQsE8Su_AT2PGc9RsNnEjZ8HUidyJdZLC-JO2IuChhWSo2x780Oj8gO1mDnzRRrDfb9K4C63qDq9hHz0wns9MYikNZNgJywZ2lmzDk9lg9yjTdhYanzsKzh7Zxg2rhqa5DPETqKpHipBs-6eItp7s_tF7U6i1ZsTQAtH_V-kFE4Af_kIBO65dNRglxP_sd0k3uc0FXJKLC5xHyn9B9WSOL_2Vvrc-QrFN5rh8Skcyre5DKR7u3TTLZi6UR0WLIgbT7AGwuDD37Gw3Pl2QofB6iq8YqDIZPxsxhzKZGtb5Ir7UXKvSOjukVmw1XZtzp4JOIyefrufH8E6DVkJZ0EI6YLH3zl4EWKkXLt0ZjE1ilpCO6MLJMntRI-Qh4RVQ42uV2JyktDXD5RQTEwfxDimSg3DYaZFXTDmtYNBDaWQNSkAziinpSEPfNlWWXJnts4wTciE_34-qjTCJge7jwQwkXJkcLRn4LThrSo9Kdm51Hzf53xz9TuhQ8hdUy04rYg3E-BU3YItDPAzGkNbpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.capital.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ Frame BBE2 43 B
215 B 130ms
129ms Image
image/gif 2600:1f18:1aca:4280:a871:9680:529f:f9f1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=d79678da-244b-63fb-3b50-ac99c89b828b&tv=%7Bc:rtzKYY,pingTime:1,time:1282,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:265%7D,%7Bpiv:0,vs:o,r:l,t:277%7D,%7Bpiv:100,vs:i,r:,t:281%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1001,o:281,n:277,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:265,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B17~1,0~0%5D,as:%5B17~300.250%5D%7D%7D,%7Bsl:o,t:277,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B4~0%5D,as:%5B4~300.250%5D%7D%7D,%7Bsl:i,t:281,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:524,fm:tkHcnpO+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19.10933%7C191%7C192%7C193%7C194%7C195%7C1a*.10933%7C1a1%7C1a2%7C1a3%7C1a4%7C1b,idMap:1a*,rmeas:1,rend:1,renddet:IMG.qs,siq:265,sis:329%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:a871:9680:529f:f9f1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:42 GMT
server: nginx
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame BBE2 43 B
215 B 129ms
129ms Image
image/gif 2600:1f18:1aca:4280:a871:9680:529f:f9f1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=d79678da-244b-63fb-3b50-ac99c89b828b&tv=%7Bc:rtzKYY,pingTime:1,time:1282,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:265%7D,%7Bpiv:0,vs:o,r:l,t:277%7D,%7Bpiv:100,vs:i,r:,t:281%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1001,o:281,n:277,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:265,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B17~1,0~0%5D,as:%5B17~300.250%5D%7D%7D,%7Bsl:o,t:277,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B4~0%5D,as:%5B4~300.250%5D%7D%7D,%7Bsl:i,t:281,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:524,fm:tkHcnpO+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19.10933%7C191%7C192%7C193%7C194%7C195%7C1a*.10933%7C1a1%7C1a2%7C1a3%7C1a4%7C1b,idMap:1a*,rmeas:1,rend:1,renddet:IMG.qs,siq:265,sis:329,metricId:publ1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:a871:9680:529f:f9f1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:42 GMT
server: nginx
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame BBE2 43 B
215 B 128ms
128ms Image
image/gif 2600:1f18:1aca:4280:a871:9680:529f:f9f1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=d79678da-244b-63fb-3b50-ac99c89b828b&tv=%7Bc:rtzKYY,pingTime:1,time:1282,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:265%7D,%7Bpiv:0,vs:o,r:l,t:277%7D,%7Bpiv:100,vs:i,r:,t:281%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1001,o:281,n:277,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:265,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B17~1,0~0%5D,as:%5B17~300.250%5D%7D%7D,%7Bsl:o,t:277,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B4~0%5D,as:%5B4~300.250%5D%7D%7D,%7Bsl:i,t:281,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:524,fm:tkHcnpO+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19.10933%7C191%7C192%7C193%7C194%7C195%7C1a*.10933%7C1a1%7C1a2%7C1a3%7C1a4%7C1b,idMap:1a*,rmeas:1,rend:1,renddet:IMG.qs,siq:265,sis:329,metricId:grpm1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:a871:9680:529f:f9f1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 08:23:42 GMT
server: nginx
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEP1u42TqdXIksJGTW3djj6M&google_cver=1&google_push=AZmPxg9Y2IqoHSF3Q6HT5i9-7l_EWbufDzxQ17IE28wH_IwDylP6LqGUJfahv56aAmH-v-LQFs5D4TknQ8I0zaKmOfcd2FZ909X6LQ

Verdicts & Comments Add Verdict or Comment

164 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.capital.ua/	1970-01-20 15:35:03	Name: sess Value: hb1gid8v4cjupii60qi050js20
.capital.ua/	1970-01-20 16:25:27	Name: _ga Value: GA1.2.922424976.1666167819
.capital.ua/	1970-01-20 06:50:54	Name: _gid Value: GA1.2.1275323833.1666167819
.capital.ua/	1970-01-20 06:49:27	Name: _gat Value: 1
www.capital.ua/	1969-12-31 23:59:59	Name: b Value: b
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: KJFxcXHlcsE
.doubleclick.net/	1970-01-20 16:11:03	Name: IDE Value: AHWqTUmLixXzU8lTmPmBU4FtfjC0fPjJ7kjuXQMwFwBqVlyRwiClW_B6fFnHC8VChz8
.capital.ua/	1970-01-20 16:11:03	Name: __gads Value: ID=23f4dbfbae140b80:T=1666167819:S=ALNI_MbsMtwnLpXJVC3hAyvXHoo-HWC6ow
.capital.ua/	1970-01-20 16:11:03	Name: __gpi Value: UID=00000b756a3aa883:T=1666167819:RT=1666167819:S=ALNI_MZ1oWnN_ybS_fUIw7qZ-pQRPEZy_g
.adnxs.com/	1970-01-20 08:59:03	Name: uuid2 Value: 9026360797071360776
.casalemedia.com/	1970-01-20 15:35:03	Name: CMID Value: Y0.0DMsXXDxYwh0x9VY2sgAA
.casalemedia.com/	1970-01-20 08:59:03	Name: CMPS Value: 3353
.casalemedia.com/	1970-01-20 08:59:03	Name: CMPRO Value: 3353
.adnxs.com/	1970-01-20 08:59:03	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C%udZ_v0!]tbPl1M>e)ZlrFUfJ+tGXxpSFw8-x`yiSe^`=muFAP9EP3>Rt^xC[sMG'USbpRzqF1`b`202#[0
.quantserve.com/	1970-01-20 08:59:03	Name: d Value: EBABCQGvJ4EA
.quantserve.com/	1970-01-20 16:19:42	Name: mc Value: 634fb40d-3535f-4e0b1-23a99
.casalemedia.com/	1970-01-20 08:59:03	Name: CMTS Value: 1109
.innovid.com/	1970-01-20 08:59:03	Name: uuid Value: 561a095c-f79f-49f9-af05-13a6f4b1d8d7-20221019 04:23:41

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://www.capital.ua/(Line 11) Message: Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEP1u42TqdXIksJGTW3djj6M&google_cver=1&google_push=AZmPxg9Y2IqoHSF3Q6HT5i9-7l_EWbufDzxQ17IE28wH_IwDylP6LqGUJfahv56aAmH-v-LQFs5D4TknQ8I0zaKmOfcd2FZ909X6LQ Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1a54aa7eb6b5b2aea480a11b03411796.safeframe.googlesyndication.com
accounts.google.com
adservice.google.co.uk
adservice.google.com
ag.innovid.com
apis.google.com
c.bigmir.net
capital.ua
cdn.besafe.global
cdn.doubleverify.com
cdn.gravitec.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
content.adriver.ru
de.tynt.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
i.bigmir.net
ib.adnxs.com
ic.tynt.com
id.gravitec.net
image6.pubmatic.com
odr.mookie1.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
platform.twitter.com
rtb.openx.net
rtb0.doubleverify.com
rtbc-eu3.doubleverify.com
sc.tynt.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssl.gstatic.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
stats.g.doubleclick.net
syndication.twitter.com
tcr.tynt.com
tpc.googlesyndication.com
www.capital.ua
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googleadservices.com
www.googletagservices.com
www.youtube.com
yt3.ggpht.com
googlecm.hit.gemius.pl
104.18.19.126
104.18.19.39
104.244.42.72
185.80.39.216
185.83.142.19
185.89.210.153
193.239.68.97
193.239.71.100
198.47.127.19
2001:4860:4802:32::178
216.58.212.162
217.16.18.207
2600:1f18:1aca:4280:a871:9680:529f:f9f1
2600:9000:2451:f400:8:455e:4a00:93a1
2600:9000:2491:8e00:8:48e:53c0:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:3037::ac43:9389
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:800::2001
2a00:1450:4001:802::2001
2a00:1450:4001:806::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:813::200e
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:831::200d
2a00:1450:400c:c0b::9a
2a02:26f0:3500:58b::4469
2a02:6ea0:c700::19
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:d01c:1d8:8101:cfdc:31d9:d343:7a95
34.149.12.213
34.98.67.61
35.227.252.103
45.133.44.3
52.208.57.60
67.202.105.31
67.202.105.33
69.173.144.138
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
071e2b1d9a2b097b02637097cf21b804874be907bb233c0d2da7ac9e60dc7d95
0a91fbed903c7ee569d116adee58d579d0c64775a469ee86d3cc4281f913bda1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275
0da425eaadbec3853cae0b85493ea7ad6934972097b4f59d2a05dbb130585444
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13026dbf242c233de9ee074af44fb00562d9ceb94cd6cfa95dfbf192b40f1f56
141f4ece65bc087908202669708c340e43c6a45c3d3be773e0cade65cb01e910
1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6
16883eb473f914e95231a8883dcd923f38fcdecf577ee067a0199c398573d9d7
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
1a0204474934112a6a39bedafb7614a689d6fec65a7423fa57fe5fd58369c6ac
1aed11cb5536154644e73c874b28d26fa48d32e56d1c9298a409372c1cb4f576
1af2148d7bd5e2a0c9ddc1c5b9ff072996852f4f11ebc19695ba4ee08ddb9c4a
209300f84ce14ba04694409d36cd5677acc3c8c452c9e7f3fb787cdd5a6a7688
228e2ebdecc19ec30840417c28828f14e32cdc22a9b80b3ed6f05c309f525709
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
236dca679b9983d1fbea0415d584b17d80f1c6942506fc508a5384db924e8795
23b89bb3578573b474d7a69e2df32e8f0ee7839a44392edb040e4117a07ce6fa
24f606534676efa249cf3bc2bdada651b56502aa9121e8cbf898eb39ba405e25
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
281ce98b441f1e5d717feb1eaf58d39a77f64886e9a8203dba1e21e05ffb0b06
2ae76b693c9ae3d90eb97c87446852889c49a979eb8014e97cf9c3a9dcb8a3ed
2bc69c1c1c4bf49e80a77f83010c01e575fd6922229943b9feb8864a492ac441
309171b26fdad31d0e64c028d8dff55761e9b7c3cb25a71abdf4507619115226
350bced20d8c9ed3eccbc0b344aad8e292f6eef92752334683228761a257ac0f
35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2
36819ca2340b20813e1d2eecff934810e65167f054d1f62cdbaf774f0136bfb4
38b64cc14b9729f7f940791680967901ca67f5eccfe7c3f1afdf01bdf5030841
3a5cf1105d60aeb4bd2e6420554aecd6321e547a557a60adaefa03a482bdb1c5
3e7284d318cd4fe11463345aacc2c056edde135c6c7e6f52a74bfcbd4b0a005b
3f08af001134142200d0ef8e41ecb0f6f8d91951208c13f9e207e78d8f928b40
40b39ecfb0a69c9b8b145596dc63355850353298908699a12b44cb343285d18c
43e0114a5f3917cb974acfccdafcf8e447a5147257e1bfd765c64ec4a62345e9
44f327eeeb995eabd2810452b355ca82979280a4d7def1bd980d3897e6999af6
45bc75820c2292bf64b74af20b9785c4a053608816b7d0c05bdc968e8e9de805
47858e4fa55e26f84c8025d699232106abfc921232a6f02edc556e59ce3a855b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bca3d7095cfd66495e1ab002c3f29c473e8937598bb6587c9837b08eaa586e6
4c7d07bc8666e331ff592c7f53c7a48880b17bc312af3484bfafc10f40685283
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
511a0d1515cd71096dd0a3043120145478906f49a659403c4863820559499fc5
5444b06473882633b03435c4a2d8311af94223f4a428d13648c70f1bba62fc65
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5baeb0ba58b9753072a4ab406a67e1c03a32b90699e831f3fa3baf959d82e591
5f9260505cb5526e66a90f881f03937ac90713ccd18b2e8ff87d1675b388aea8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6247f7daed995cfb08f37d0007fad0cb1d63ef1b2de5cecf9c0ab86d85a5d65a
631c272f7f88a030ed11f904ab44f1015e8a2a04fe5a75af36dc0a098f29ca49
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
75aaec4b62fba6c84cb3c62422aaf9ac5daa12d8f6682f2e332d2a6ab24592d7
7659dc6c77000ec4b6745b5e6af107bd30ad9a0e92bfc0e406d5209ede488608
7c22238b94a54738b7abd0a017c2aa6a4edba9f4c18cf6192a6953bd753c07a9
7c94c9af82fd4dc9f46f53f948932829c6d17982e61625a5aa8ccd9339ee35aa
8277e5ee4b5cb9dc4ab09d5704dba84190bfde4f1f4931d1162081c915ac303b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8aaafe790719485f7f4955653757b9a3d8b22cd6d97f42b8a2ac3f7a63f58ccf
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8d3c04e9e7e6154c1ca2e831613a83c093486264c3f1e0353b3d0fb9e23129f9
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
96aec8c9f7981a987d0bacb3de756545e59a163f7fc94c47eea050b2f06316dd
98280a2e473b4c77505ccd09e2d3a336448fe7742694869634aaa872956727df
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bd8dcc115a0e9fce94520cecad5254352b86d55bca2506833057bb52e87ee1a
9d1cb86ec27e86dfdefab39206fb510070d00b81d91f11ddc6720e3c62629d32
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0cf09bd9f43169d5c8293631fc8c1a507f227a1ccd0f688d68e1334d5fcef8f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1ddc44e3081c49237803054c042aaecc07bb19cd5881c1f331e7a1da9aa1ede
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae8ca9667580cbfae698d922360d33e82dc3a0b93736bd3b41392e2036a50c17
ae9f8b2245fd6258201abe84a8d5f0800b0c96bbd5525cee109e4ca89741ebed
b0e3511da30f023f4e84ab19ec938d9c764d3b966e3296b1d582c9809d289787
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b42f035c593881359488262fdaf928acd4b9e6129051810120cc361c2a9688dd
b4917a5290466244353dc49caa11b14916816e7523850ff103fabb5484222e0a
b510daf4a269c50ee4669c06f25d6b141676acfd21d3faa9663a19e96ac2cf01
b609d03e5eb0262f81d13db10ab37f2e0890e06f225f485aebe1efa33ec4c9e2
b83f16828bd83d0d23827633f90ff31b26ce65269772607912ae09f6c69ec9f2
bbfedbec8c19e0e93646a74d2a83346d563db2821b2f0ae2c0bb5e43989612cc
be66554323059a0abbfa9f331f06186ebc979027fe2c85f15ee79e4aa593b8b2
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c6022b9877bec4a03206412f11da47ccd5529399b152f41b9c7f0f3a0368e32f
c833bd99884dc5216eba53b552c0c800dfe5c5f6694891fc8e6f42f782fb2ad0
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
c933e728143fe869db0c64b7a4579fe8a36a4d5b698e74d29e71de862a9e69a1
cb60fce33ad955171d1fa963d4aa2231a11846a4a4660f7c518f7799d92ff723
cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712
cedd780f76a420cb35b50a5a67dd45a38504ea9d5cb8f659f0539a4b19c3c8fb
d0b3404fceb6bbd79a99ea6d8241b1b29ac1ffb3c7d97bfc1b873b49c0ad6a09
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d32f16a8513989400a9e3311f0c1cd68bcada10f0b280c4349a8e067e144abf2
d75dc75cb106de2457bd8b4c6ec3bfcb6956ec5a71ae1d63bd3c04bca50d0c04
da42947db2dbc8b734af5c4824cc9d4b7dcf3c3e239ea97734c635124dbdd2f1
db54105fde6a0d05b0128e79b9cb1f62c03f6b1ad56f2f3d4c276b502b89e58a
dcaf67aaced809a8a66e31ea3e7c0623de21c3a3509f3af9e70574bc9d420dce
dd2d5121b311ae2773521cad6644392e12a6153a096c4a05d9a6934ecd92b12e
e01358e148e7ff07b30c68688be48742e180a2b3875024d53084cc187365a4e7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9881b639c7528a358803222a3d5b1ea1fae69ede0ad9ee2e363be38a2712302
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
f72c00b15f5e8de9e6d3b0ce7cb5844461b95b80b2765684e8251674898602e7
fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2

www.capital.ua Open in urlscan Pro 2606:4700:3037::ac43:9389 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

192 Requests

92 %HTTPS

59 %IPv6

30 Domains

52 Subdomains

44 IPs

10 Countries

2001 kBTransfer

5426 kBSize

18 Cookies

1 Outgoing links

Page URL History

Redirected requests

192 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.capital.ua Open in urlscan Pro
2606:4700:3037::ac43:9389 Public Scan

Screenshot
Live screenshot

Full Image

192
Requests

92 %
HTTPS

59 %
IPv6

30
Domains

52
Subdomains

44
IPs

10
Countries

2001 kB
Transfer

5426 kB
Size

18
Cookies

192 HTTP transactions
3 data transactions