kolobok.ua Open in urlscan Pro
193.29.200.162 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://kolobok.ua/
Effective URL:
https://kolobok.ua/
Submission: On May 22 via api (May 22nd 2022, 8:23:28 am UTC) from GB — Scanned from GB

Summary HTTP 329 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 54 IPs in 12 countries across 58 domains to perform 329 HTTP transactions. The main IP is 193.29.200.162, located in Ukraine and belongs to UMHAS, UA. The main domain is kolobok.ua.
TLS certificate: Issued by R3 on March 14th 2022. Valid for: 3 months.

This is the only time kolobok.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 38	193.29.200.162 193.29.200.162	197203 (UMHAS) (UMHAS)
1	91.198.36.26 91.198.36.26	43405 (DIGITAL-V...) (DIGITAL-VENTURES)
10	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
46	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
14	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:0:862:ed... 2620:0:862:ed1a::2:b	14907 (WIKIMEDIA) (WIKIMEDIA)
6	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1 5	54.37.238.28 54.37.238.28	16276 (OVH) (OVH)
7	78.159.118.240 78.159.118.240	28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
18	193.29.200.142 193.29.200.142	197203 (UMHAS) (UMHAS)
1	193.239.68.97 193.239.68.97	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
1	146.59.30.104 146.59.30.104	16276 (OVH) (OVH)
1 9	185.180.220.208 185.180.220.208	49981 (WORLDSTREAM) (WORLDSTREAM)
14	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
3	193.239.71.100 193.239.71.100	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	92.122.146.218 92.122.146.218	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
1	167.71.9.19 167.71.9.19	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4 4	3.123.159.46 3.123.159.46	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	185.180.223.221 185.180.223.221	49981 (WORLDSTREAM) (WORLDSTREAM)
4 5	190.2.151.10 190.2.151.10	49981 (WORLDSTREAM) (WORLDSTREAM)
2	91.198.36.35 91.198.36.35	43405 (DIGITAL-V...) (DIGITAL-VENTURES)
2 2	2a03:2880:f01... 2a03:2880:f01c:20e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
7	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	185.187.81.40 185.187.81.40	43332 (IDSTRATEG...) (IDSTRATEGY-AS)
3	146.0.227.109 146.0.227.109	20773 (GODADDY) (GODADDY)
2	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
3	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
29	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST)
4	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2 6	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	93.184.220.70 93.184.220.70	15133 (EDGECAST) (EDGECAST)
5 22	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
4 6	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	185.33.220.243 185.33.220.243	29990 (ASN-APPNEX) (ASN-APPNEX)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
18	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	37.157.2.236 37.157.2.236	198622 (ADFORM) (ADFORM)
1	185.86.139.94 185.86.139.94	201081 (SMARTADSE...) (SMARTADSERVER)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2010	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	159.122.14.34 159.122.14.34	36351 (SOFTLAYER) (SOFTLAYER)
2 2	216.52.2.19 216.52.2.19	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	2600:9000:224... 2600:9000:224a:9600:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
2 2	52.18.132.62 52.18.132.62	16509 (AMAZON-02) (AMAZON-02)
329	54

38 193.29.200.162 (Ukraine) 1 redirects

ASN197203 (UMHAS, UA)

kolobok.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.phnx.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.198.36.26 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)
PTR: i1.i.ua

i.holder.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

cdn.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:0:862:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA, US)

upload.wikimedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.37.238.28 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip28.ip-54-37-238.eu

gaua.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 78.159.118.240 (Mindelheim, Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
PTR: hosted-by.leaseweb.com

cdn.umh.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
z.cdn.umh.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 193.29.200.142 (Ukraine)

ASN197203 (UMHAS, UA)

exchange.informer.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.68.97 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net

c.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.104 (France)

ASN16276 (OVH, FR)
PTR: ip104.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.180.220.208 (Naaldwijk, Netherlands) 1 redirects

ASN49981 (WORLDSTREAM, NL)
PTR: customer.worldstream.nl

ad.mox.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.239.71.100 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: rs.img.com.ua

i.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.122.146.218 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-146-218.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7daf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.71.9.19 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

bgstats.mox.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.123.159.46 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-159-46.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.245 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.180.223.221 (Naaldwijk, Netherlands) 1 redirects

ASN49981 (WORLDSTREAM, NL)
PTR: 185-180-223-221.hosted-by-worldstream.net

ad.mediawayss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 190.2.151.10 (Naaldwijk, Netherlands) 4 redirects

ASN49981 (WORLDSTREAM, NL)
PTR: 190-2-151-10.hosted-by-worldstream.net

ad.outstream.today	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.adopx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.invamia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.vidverto.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.vidver.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.198.36.35 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)

h.holder.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:20e:face:b00c:0:2 (Frankfurt am Main, Germany) 2 redirects

ASN32934 (FACEBOOK, US)

web.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.187.81.40 (Kyiv, Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)

s.znctrack.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loadercdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 146.0.227.109 (Ascension Island)

ASN20773 (GODADDY, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.184.220.70 (London, United Kingdom)

ASN15133 (EDGECAST, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.186.34 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.35.236.247 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.220.243 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.236 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.94 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.122.14.34 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: 22.0e.7a9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.19 (United States) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:9600:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.38.120.206 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.18.132.62 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-132-62.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
78	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 95 e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 130	868 KB
42	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 stats.g.doubleclick.net — Cisco Umbrella Rank: 92 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 187 cm.g.doubleclick.net — Cisco Umbrella Rank: 212 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 284	308 KB
32	kolobok.ua 1 redirects kolobok.ua	960 KB
18	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 264	2 MB
18	informer.ua exchange.informer.ua — Cisco Umbrella Rank: 707883	109 KB
14	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 237	251 KB
13	admixer.net cdn.admixer.net — Cisco Umbrella Rank: 44664 inv-nets.admixer.net — Cisco Umbrella Rank: 2358	198 KB
10	mox.tv 1 redirects ad.mox.tv — Cisco Umbrella Rank: 47567 bgstats.mox.tv — Cisco Umbrella Rank: 56217	95 KB
9	gstatic.com www.gstatic.com fonts.gstatic.com	128 KB
8	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 74 www.google.com — Cisco Umbrella Rank: 7	1 KB
8	twitter.com platform.twitter.com — Cisco Umbrella Rank: 664 syndication.twitter.com — Cisco Umbrella Rank: 954	214 KB
7	umh.ua cdn.umh.ua — Cisco Umbrella Rank: 274443 z.cdn.umh.ua — Cisco Umbrella Rank: 297093	8 KB
6	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 557 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 530	5 KB
6	gemius.pl 1 redirects gaua.hit.gemius.pl — Cisco Umbrella Rank: 48860 ls.hit.gemius.pl — Cisco Umbrella Rank: 12133	18 KB
6	phnx.click api.phnx.click	3 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 344	109 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 175	194 KB
5	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1493 m.addthis.com — Cisco Umbrella Rank: 1449	219 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	3 KB
4	bidswitch.net 4 redirects x.bidswitch.net — Cisco Umbrella Rank: 287	2 KB
4	facebook.com 2 redirects www.facebook.com — Cisco Umbrella Rank: 102 web.facebook.com — Cisco Umbrella Rank: 226	1 KB
4	bigmir.net c.bigmir.net — Cisco Umbrella Rank: 134956 i.bigmir.net — Cisco Umbrella Rank: 269925	2 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 240	3 KB
3	holder.com.ua i.holder.com.ua — Cisco Umbrella Rank: 322843 h.holder.com.ua — Cisco Umbrella Rank: 287239	4 KB
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 4319	791 B
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 615	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 571	1 KB
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1040	344 B
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 399	366 B
2	twimg.com cdn.syndication.twimg.com — Cisco Umbrella Rank: 1528 pbs.twimg.com — Cisco Umbrella Rank: 702	11 KB
2	znctrack.net s.znctrack.net — Cisco Umbrella Rank: 174179	24 KB
2	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 4630	914 B
2	quantserve.com pixel.quantserve.com — Cisco Umbrella Rank: 427 cms.quantserve.com — Cisco Umbrella Rank: 1128	734 B
2	unpkg.com unpkg.com — Cisco Umbrella Rank: 910	43 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	85 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 714 stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2363	38 KB
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 809	337 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 741	442 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 826	714 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3801	104 B
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 1210	75 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 14703	555 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 594	191 B
1	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 511	838 B
1	loadercdn.net loadercdn.net — Cisco Umbrella Rank: 493664	170 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 789	644 B
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1736	1015 B
1	vidver.to ad.vidver.to — Cisco Umbrella Rank: 85074	482 B
1	vidverto.io 1 redirects ad.vidverto.io — Cisco Umbrella Rank: 58585	548 B
1	invamia.com 1 redirects ad.invamia.com — Cisco Umbrella Rank: 86890	562 B
1	adopx.net 1 redirects ad.adopx.net — Cisco Umbrella Rank: 85452	579 B
1	outstream.today 1 redirects ad.outstream.today — Cisco Umbrella Rank: 81406	593 B
1	mediawayss.com 1 redirects ad.mediawayss.com — Cisco Umbrella Rank: 76909	614 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 444	736 B
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 374	1 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 432	5 KB
1	wikimedia.org upload.wikimedia.org — Cisco Umbrella Rank: 2213	1 KB
329	58

	Domain	Requested by
46	pagead2.googlesyndication.com	kolobok.ua z.cdn.umh.ua pagead2.googlesyndication.com googleads.g.doubleclick.net www.gstatic.com e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
32	kolobok.ua	1 redirects kolobok.ua
29	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com kolobok.ua e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com
18	s0.2mdn.net	kolobok.ua s0.2mdn.net
18	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com
18	exchange.informer.ua	kolobok.ua exchange.informer.ua cdn.jsdelivr.net
14	cdnjs.cloudflare.com	kolobok.ua cdnjs.cloudflare.com
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com kolobok.ua cdn.jsdelivr.net
10	cdn.admixer.net	kolobok.ua cdn.admixer.net
9	ad.mox.tv	1 redirects z.cdn.umh.ua ad.mox.tv kolobok.ua
6	www.google.com	2 redirects kolobok.ua e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com tpc.googlesyndication.com
6	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net kolobok.ua
6	z.cdn.umh.ua	cdn.umh.ua
6	platform.twitter.com	kolobok.ua platform.twitter.com
6	api.phnx.click	kolobok.ua cdnjs.cloudflare.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	fonts.gstatic.com	fonts.googleapis.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	www.googletagservices.com	ad.mox.tv googleads.g.doubleclick.net e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com
5	gaua.hit.gemius.pl	1 redirects kolobok.ua gaua.hit.gemius.pl
4	googleads4.g.doubleclick.net	kolobok.ua
4	fonts.googleapis.com	googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net
4	www.gstatic.com	googleads.g.doubleclick.net
4	x.bidswitch.net	4 redirects
4	s7.addthis.com	kolobok.ua s7.addthis.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	inv-nets.admixer.net	cdn.admixer.net ad.mox.tv kolobok.ua
3	i.bigmir.net	kolobok.ua
2	match.360yield.com	2 redirects
2	ap.lijit.com	2 redirects
2	c1.adform.net	2 redirects
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	syndication.twitter.com	platform.twitter.com kolobok.ua
2	s.znctrack.net	kolobok.ua
2	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	adservice.google.co.uk	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	web.facebook.com	2 redirects cdn.jsdelivr.net
2	h.holder.com.ua	i.holder.com.ua
2	unpkg.com	ad.mox.tv
2	www.facebook.com	kolobok.ua connect.facebook.net
2	connect.facebook.net	kolobok.ua connect.facebook.net
2	www.google-analytics.com	kolobok.ua www.google-analytics.com
1	onetag-sys.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	um.simpli.fi	1 redirects
1	dclk-match.dotomi.com	e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com
1	cms.quantserve.com	e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com
1	ssbsync.smartadserver.com	e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com
1	ssum-sec.casalemedia.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	pixel-sync.sitescout.com	e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com
1	px.ads.linkedin.com	1 redirects
1	pbs.twimg.com	kolobok.ua
1	cdn.syndication.twimg.com	platform.twitter.com
1	loadercdn.net	kolobok.ua
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	ad.vidver.to	kolobok.ua
1	ad.vidverto.io	1 redirects
1	ad.invamia.com	1 redirects
1	ad.adopx.net	1 redirects
1	ad.outstream.today	1 redirects
1	ad.mediawayss.com	1 redirects
1	sync.mathtag.com	1 redirects
1	bgstats.mox.tv	kolobok.ua
1	pixel.quantserve.com	kolobok.ua
1	z.moatads.com	s7.addthis.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	ls.hit.gemius.pl	gaua.hit.gemius.pl
1	c.bigmir.net	kolobok.ua
1	cdn.umh.ua	kolobok.ua
1	cdn.jsdelivr.net	kolobok.ua
1	stackpath.bootstrapcdn.com	kolobok.ua
1	upload.wikimedia.org	kolobok.ua
1	maxcdn.bootstrapcdn.com	kolobok.ua
1	i.holder.com.ua	kolobok.ua
329	79

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
mediadim.com.ua
www.bigmir.net

Subject Issuer	Validity	Valid
kolobok.ua R3	`2022-03-14` - `2022-06-12`	3 months	crt.sh
holder.com.ua R3	`2022-04-09` - `2022-07-08`	3 months	crt.sh
*.admixer.net Sectigo RSA Domain Validation Secure Server CA	`2021-06-08` - `2022-06-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
api.phnx.click R3	`2022-03-14` - `2022-06-12`	3 months	crt.sh
*.wikipedia.org DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-10-19` - `2022-11-17`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2021-09-08` - `2022-09-25`	a year	crt.sh
cdn.umh.ua R3	`2022-04-10` - `2022-07-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-28` - `2022-05-29`	3 months	crt.sh
exchange.informer.ua R3	`2022-05-10` - `2022-08-08`	3 months	crt.sh
c.bigmir.net R3	`2022-04-09` - `2022-07-08`	3 months	crt.sh
ad.mox.tv R3	`2022-03-31` - `2022-06-29`	3 months	crt.sh
img.com.ua R3	`2022-04-09` - `2022-07-08`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
bgstats.mox.tv R3	`2022-03-30` - `2022-06-28`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
s.znctrack.net Sectigo RSA Domain Validation Secure Server CA	`2021-08-27` - `2022-09-05`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-31` - `2022-10-30`	a year	crt.sh
loadercdn.net R3	`2022-05-02` - `2022-07-31`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
teads.tv R3	`2022-03-23` - `2022-06-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh

This page contains 47 frames:

Primary Page: https://kolobok.ua/
Frame ID: 49EA6D7086E95CC550C2996A86317BFE
Requests: 140 HTTP requests in this frame

Frame: https://exchange.informer.ua/informer/stat/?s=ivona
Frame ID: 394BCBBBA53BFF56EAE26F32FF71EA29
Requests: 6 HTTP requests in this frame

Frame: https://exchange.informer.ua/informer/stat/?s=smak
Frame ID: 5B8B469A15C53897B11808403FC811C4
Requests: 6 HTTP requests in this frame

Frame: https://exchange.informer.ua/informer/stat/?s=ivona
Frame ID: 45C56BB7AD2078DE55D597A1DCBAEE00
Requests: 6 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Frame ID: CF2EFF8C664D1E8504189A094AE57E5E
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 7D57F40F790169E109B39736CEEACD15
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20190131/zrt_lookup.html
Frame ID: 8CFDDBC93E68DBFC842294F9CAB3F581
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Frame ID: 59FE167C2EAAA313ED7EBE14127E2FA3
Requests: 1 HTTP requests in this frame

Frame: https://exchange.informer.ua/informer/stat/?s=ivona
Frame ID: 8FCCC3A28E3F0DB7B6B408611709805E
Requests: 1 HTTP requests in this frame

Frame: https://exchange.informer.ua/informer/stat/?s=smak
Frame ID: 43A730C8500BDB7D3E62DD6AC49D6880
Requests: 1 HTTP requests in this frame

Frame: https://exchange.informer.ua/informer/stat/?s=ivona
Frame ID: C3E8EF8E7F17CD93231B989912418A6A
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fkolobok.ua
Frame ID: A935B13BDBE0ECB52532D000545133FD
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv3.2%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D202832543530482%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df36dd93feff728%2526domain%253Dkolobok.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fkolobok.ua%25252Ff2ae60309ab034c%2526relation%253Dparent.parent%26container_width%3D300%26height%3D345%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fkolobok.ua.group%252F%26locale%3Duk_UA%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D300&_rdc=1&_rdr
Frame ID: E44DFB46CBE531017A6A7C4AA58D0039
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: F287CD01A145666EDE6D55789D25409B
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 9367CC18DD9169A7E1FF337428BD8395
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&adk=1812271804&adf=3025194257&lmt=1653207797&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653207797446&bpp=2&bdt=660&idt=496&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1405577575837&frm=20&pv=2&ga_vid=1093733952.1653207797&ga_sid=1653207798&ga_hid=476014890&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792&oid=2&pvsid=2859785435953071&pem=858&tmod=553788700&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=517
Frame ID: 7E585AB65AAFFC91E4A55096FFB0D0F3
Requests: 1 HTTP requests in this frame

Frame: https://s.znctrack.net/z
Frame ID: C1C93B5A6D0F7D8C3860B311F11BDBE1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=6666085438&adk=3555305732&adf=3818598067&pi=t.ma~as.6666085438&w=728&lmt=1653207798&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653207797450&bpp=2&bdt=665&idt=552&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1405577575837&frm=20&pv=1&ga_vid=1093733952.1653207797&ga_sid=1653207798&ga_hid=476014890&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792&oid=2&pvsid=2859785435953071&pem=858&tmod=553788700&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RszSZNo5G4&p=https%3A//kolobok.ua&dtd=574
Frame ID: EA99CB76FEE63D83C3FA2C9DEB0BAD56
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=1979561508&adk=2236407440&adf=59350530&pi=t.ma~as.1979561508&w=300&lmt=1653207798&psa=0&format=300x600&url=https%3A%2F%2Fkolobok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653207797452&bpp=1&bdt=666&idt=609&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1405577575837&frm=20&pv=1&ga_vid=1093733952.1653207797&ga_sid=1653207798&ga_hid=476014890&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=363&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792&oid=2&pvsid=2859785435953071&pem=858&tmod=553788700&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=FGIZVajpKH&p=https%3A//kolobok.ua&dtd=614
Frame ID: AC945F4E4C81FCCFEC577B66F100B2D5
Requests: 32 HTTP requests in this frame

Frame: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AB29BF6089886B0D4E58060BE6A62FB2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13222403947336152692/index.html
Frame ID: 59214ACD50A8F30EA03E60B87FE89590
Requests: 7 HTTP requests in this frame

Frame: https://s.znctrack.net/z
Frame ID: 99D8E73352EC23712193D6E12B695969
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3AAF533471EB10801968AD9E1109F7ED
Requests: 2 HTTP requests in this frame

Frame: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 76FCB26795DCFE26A00A03922ECC324B
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012204292129000/amp4ads-v0.mjs
Frame ID: 134C938FDB1C1576B4D29AE38E85D2C5
Requests: 13 HTTP requests in this frame

Frame: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Frame ID: CF8B3ED84BEBA7EBF173772D19660B2C
Requests: 2 HTTP requests in this frame

Frame: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3E4092821138A907E6759A9EB4EB1DCA
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2M4wEQh7-_nwMY8K6myQEwAQ&v=APEucNWez1xFxgkVxtHVHCu-dPUN5ujy055hY0cw4chTNBzGsiuUz10WgHnVEsY5cN2-j2F_qpJls9cAtew1KdT9fGamqe6AmxK2WlzlV1LJaMs5r5RPBBhn5U48eJFyvh-1_ya-yU-JmwHm_XkIHz9FO6lijjBFGs8FIljGHQoLxVZ8xJI9rFf7L3oyNwD9sVbngA7wP4pB
Frame ID: 6E61FD6FDB46A7408C3455B91E8749C1
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2M4wEQh7-_nwMYirSayQEwAQ&v=APEucNWOJ0rVJofQOp-k24W3N_2Rjdpjs7jaGxKyCmQlOn7W6VDydQ2gQkkHV2Qkg4WKmz_gA1ME1j-3ogKA1zVBnhvrVwVbTJFTWTmBpmkZnEFsVjYq9IuWwIIxNLwCyiKtsrWGY2JU0P1JhOmA_Lgo3mIYohqS-hsqlZMIZGRji7jpl7jVPWs
Frame ID: 71889141E099E05AC4ACCEC9DE753A6B
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js
Frame ID: 805786CD0E0D1A19383242EF2BC2AA0D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7C6F140AC50088E705AA3A5937AB7DA0
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C7E4FB4570D6E13819AF04A248CDCACF
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DA3BCA1B44FD3DC4E34F2E5591DEA77F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7126DCEA0EF5B4D2EDC60FD877DDF8A2
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=0izlzEfI0k&t=1&renderingType=2&ev=01_247
Frame ID: A905DCE37EFF2AD2065CAB69082FC0C8
Requests: 12 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=asaatrgE7M&t=1&renderingType=2&ev=01_247
Frame ID: D12804727C1194C6A674A8226D9EF434
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js
Frame ID: B96C56F948B879FE3E99079EF418E18A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js
Frame ID: 56770A2B5A3F574D46C470162F3444A6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js
Frame ID: AEC8A9F16C26C799F664E3F9E844EFDA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js
Frame ID: 0D398033F6E512C5896F65C7AC934646
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=1979561508&adk=2236407440&adf=59350530&pi=t.ma~as.1979561508&w=300&lmt=1653207798&psa=0&format=300x600&url=https%3A%2F%2Fkolobok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653207797452&bpp=1&bdt=666&idt=609&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1405577575837&frm=20&pv=1&ga_vid=1093733952.1653207797&ga_sid=1653207798&ga_hid=476014890&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=363&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792&oid=2&pvsid=2859785435953071&pem=858&tmod=553788700&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=FGIZVajpKH&p=https%3A//kolobok.ua&dtd=614
Frame ID: 829B012F8EC612881FBC32BC75B93A96
Requests: 1 HTTP requests in this frame

Frame: https://web.facebook.com/v3.2/plugins/page.php?adapt_container_width=true&app_id=202832543530482&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df36dd93feff728%26domain%3Dkolobok.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkolobok.ua%252Ff2ae60309ab034c%26relation%3Dparent.parent&container_width=300&height=345&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fkolobok.ua.group%2F&locale=uk_UA&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=300
Frame ID: C0A1FB4817E71DA3BD42C18AE8DC9FD3
Requests: 1 HTTP requests in this frame

Frame: https://exchange.informer.ua/informer/stat/?s=ivona
Frame ID: D79902EAEC66FD72852893BF7249196F
Requests: 1 HTTP requests in this frame

Frame: https://exchange.informer.ua/informer/stat/?s=smak
Frame ID: 63EFBC828539E77EA105821147CC955B
Requests: 1 HTTP requests in this frame

Frame: https://exchange.informer.ua/informer/stat/?s=ivona
Frame ID: 5CE2BD1DB8BFE2CBA3A2BF766C744470
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B9E3DF69403D90AF328E3501730B006E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C24C0536EC71F025C994878434648639
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Дети, родители, семья и отношения - KOLOBOK.UA

Page URL History Show full URLs

http://kolobok.ua/ HTTP 301
https://kolobok.ua/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

329
Requests

91 %
HTTPS

46 %
IPv6

58
Domains

79
Subdomains

54
IPs

12
Countries

5583 kB
Transfer

11683 kB
Size

79
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/kolobok.ua.group/

Search URL Search Domain Scan URL

URL: https://mediadim.com.ua/donate/
Title: Допомогти журналістам

Search URL Search Domain Scan URL

URL: https://www.bigmir.net/
Title: bigmir)net

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://kolobok.ua/ HTTP 301
https://kolobok.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 106

https://gaua.hit.gemius.pl/_1653207797871/rexdot.js?l=100&id=bPo1vw7WgTER_71NnVvIbKPefSsu8CLmU5KMVTfFlKL.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fkolobok.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=qcQRUn7ICOyxDfLUwmtphnHcYpf3UH4Gf9Gwkie6o_z.f7McI1RrCoscLjQfLY1ZOkxPpcjSI6lvXl.hUAY3Smn.Z0ST/Oys67UXpb_9YN/&ltime=475&fpdata=BpYcFfv8Rrl3kucHbStotZoWG5TChFdjHBA7yK323dj.L7&fpcap= HTTP 301
https://gaua.hit.gemius.pl/__/_1653207797871/rexdot.js?l=100&id=bPo1vw7WgTER_71NnVvIbKPefSsu8CLmU5KMVTfFlKL.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fkolobok.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=qcQRUn7ICOyxDfLUwmtphnHcYpf3UH4Gf9Gwkie6o_z.f7McI1RrCoscLjQfLY1ZOkxPpcjSI6lvXl.hUAY3Smn.Z0ST/Oys67UXpb_9YN/&ltime=475&fpdata=BpYcFfv8Rrl3kucHbStotZoWG5TChFdjHBA7yK323dj.L7&fpcap=

Request Chain 115

https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=39ad68b6-4907-4603-8bbc-df4a35efd1ab&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=39ad68b6-4907-4603-8bbc-df4a35efd1ab&gdpr=0&gdpr_consent= HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dprodoohmox%26bsw_param%3D59d1f829-8fe7-4e07-8b1b-6d1fc3d74214&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=80&user_id=aae46289-f2f6-4000-b79c-fe21c678649d&expires=30&ssp=prodoohmox&bsw_param=59d1f829-8fe7-4e07-8b1b-6d1fc3d74214&gdpr=0&gdpr_consent= HTTP 302
https://ad.mox.tv/delivery/sync?userid=59d1f829-8fe7-4e07-8b1b-6d1fc3d74214 HTTP 302
https://ad.mediawayss.com/delivery/sync?userid=59d1f829-8fe7-4e07-8b1b-6d1fc3d74214&inner_redirect=1&inner_uuid=39ad68b6-4907-4603-8bbc-df4a35efd1ab&redirect_host_list=YWQub3V0c3RyZWFtLnRvZGF5LGFkLmFkb3B4Lm5ldCxhZC5pbnZhbWlhLmNvbSxhZC52aWR2ZXJ0by5pbyxhZC52aWR2ZXIudG8= HTTP 302
https://ad.outstream.today/delivery/sync?userid=59d1f829-8fe7-4e07-8b1b-6d1fc3d74214&inner_redirect=1&inner_uuid=39ad68b6-4907-4603-8bbc-df4a35efd1ab&redirect_host_list=YWQuYWRvcHgubmV0LGFkLmludmFtaWEuY29tLGFkLnZpZHZlcnRvLmlvLGFkLnZpZHZlci50bw== HTTP 302
https://ad.adopx.net/delivery/sync?userid=59d1f829-8fe7-4e07-8b1b-6d1fc3d74214&inner_redirect=1&inner_uuid=39ad68b6-4907-4603-8bbc-df4a35efd1ab&redirect_host_list=YWQuaW52YW1pYS5jb20sYWQudmlkdmVydG8uaW8sYWQudmlkdmVyLnRv HTTP 302
https://ad.invamia.com/delivery/sync?userid=59d1f829-8fe7-4e07-8b1b-6d1fc3d74214&inner_redirect=1&inner_uuid=39ad68b6-4907-4603-8bbc-df4a35efd1ab&redirect_host_list=YWQudmlkdmVydG8uaW8sYWQudmlkdmVyLnRv HTTP 302
https://ad.vidverto.io/delivery/sync?userid=59d1f829-8fe7-4e07-8b1b-6d1fc3d74214&inner_redirect=1&inner_uuid=39ad68b6-4907-4603-8bbc-df4a35efd1ab&redirect_host_list=YWQudmlkdmVyLnRv HTTP 302
https://ad.vidver.to/delivery/sync?userid=59d1f829-8fe7-4e07-8b1b-6d1fc3d74214&inner_redirect=1&inner_uuid=39ad68b6-4907-4603-8bbc-df4a35efd1ab&redirect_host_list=

Request Chain 119

https://web.facebook.com/v3.2/plugins/page.php?adapt_container_width=true&app_id=202832543530482&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df36dd93feff728%26domain%3Dkolobok.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkolobok.ua%252Ff2ae60309ab034c%26relation%3Dparent.parent&container_width=300&height=345&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fkolobok.ua.group%2F&locale=uk_UA&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=300 HTTP 302
https://web.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv3.2%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D202832543530482%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df36dd93feff728%2526domain%253Dkolobok.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fkolobok.ua%25252Ff2ae60309ab034c%2526relation%253Dparent.parent%26container_width%3D300%26height%3D345%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fkolobok.ua.group%252F%26locale%3Duk_UA%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D300 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv3.2%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D202832543530482%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df36dd93feff728%2526domain%253Dkolobok.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fkolobok.ua%25252Ff2ae60309ab034c%2526relation%253Dparent.parent%26container_width%3D300%26height%3D345%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fkolobok.ua.group%252F%26locale%3Duk_UA%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D300&_rdc=1&_rdr

Request Chain 196

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 243

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 244

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEODJ4vud8urIpJrKau64KW8&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEODJ4vud8urIpJrKau64KW8&google_cver=1&C=1

Request Chain 245

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yony9zytm3AI6FafCdYBFgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEODJ4vud8urIpJrKau64KW8&google_cver=1

Request Chain 246

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGGJBvlrfbF0Z-YY_MLTyqg&google_cver=1

Request Chain 247

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTYwNDgxMDkxMTUzNDUwNzA5Nw%3D%3D

Request Chain 248

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOEtuCB2q7P4R9dWvyL_csU&google_cver=1

Request Chain 250

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESELeQy2lwZbUczuu0FK6NAnc&google_cver=1

Request Chain 272

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEJBuwuRi7An9z8IySbAd9EM&google_cver=1&google_push=AYg5qPKYQuBaOciwcnL6sPcfwxDLzkxr4RP_ibWsyKVEHc4HdbzxfB73zvIen-UzWneJRGrVld-fXA2DiNpwUuuiC4L615k4SdFblg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPKYQuBaOciwcnL6sPcfwxDLzkxr4RP_ibWsyKVEHc4HdbzxfB73zvIen-UzWneJRGrVld-fXA2DiNpwUuuiC4L615k4SdFblg

Request Chain 274

https://ads.travelaudience.com/google_pixel?google_gid=CAESEJyio8HXHaqijCZexBKMcuI&google_cver=1&google_push=AYg5qPL9MZXxhAY2F87z5YYnoUiJxZyr_i9nT7artpec4TQLl8yCjNRJkCEx-1WuvTtS5Mxes9rANKkkW9ZWZdHCf1R6mWUE0pWVDA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zQaFkTy1RmKtcIq8v-8puA2&google_push=AYg5qPL9MZXxhAY2F87z5YYnoUiJxZyr_i9nT7artpec4TQLl8yCjNRJkCEx-1WuvTtS5Mxes9rANKkkW9ZWZdHCf1R6mWUE0pWVDA

Request Chain 275

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESECpm7Homcigk3Yg1D5PaMoA&google_cver=1&google_push=AYg5qPIy31tUYrN5ESJoFqU4Lwz6i8d87-scjWCOL32sWF3oYZ_JDewqXNpMRIg88AThJ5893r-1pZRrXvAvJm-craWoBk_Tocm83w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIy31tUYrN5ESJoFqU4Lwz6i8d87-scjWCOL32sWF3oYZ_JDewqXNpMRIg88AThJ5893r-1pZRrXvAvJm-craWoBk_Tocm83w&google_hm=WdH4KY_nTgeLG20fw9dCFA==

Request Chain 276

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELL7wzDhWNyZgVKRm3UT50s&google_cver=1&google_push=AYg5qPI1H6lLOR0xnY6fluEi4Sb9eH66nlTxtTb_Vy3t_uSklkQUZPBhZSuW8V4NCrnTLDB1ygk9to97obcEA7wPlNxBL95cavrp HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELL7wzDhWNyZgVKRm3UT50s&google_cver=1&google_push=AYg5qPI1H6lLOR0xnY6fluEi4Sb9eH66nlTxtTb_Vy3t_uSklkQUZPBhZSuW8V4NCrnTLDB1ygk9to97obcEA7wPlNxBL95cavrp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODI4NTA2NDA4MTMxMTk4NzI1MA&google_push=AYg5qPI1H6lLOR0xnY6fluEi4Sb9eH66nlTxtTb_Vy3t_uSklkQUZPBhZSuW8V4NCrnTLDB1ygk9to97obcEA7wPlNxBL95cavrp

Request Chain 277

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDyrpRqny8TEhp9NxouokiM&google_cver=1&google_push=AYg5qPLoOrqjwpP41jByCW1sfyZooFi0YmoUQFfgzQrDAP58M6C67yXaEDcPbDBVuwAZ1aT4vPH1nxztecxPbe4ghJX1r2EPER670A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yony9zytm3AI6FafCdYBFgAAAUkAAAAB&google_push=AYg5qPLoOrqjwpP41jByCW1sfyZooFi0YmoUQFfgzQrDAP58M6C67yXaEDcPbDBVuwAZ1aT4vPH1nxztecxPbe4ghJX1r2EPER670A&google_gid=CAESEDyrpRqny8TEhp9NxouokiM&google_cver=1

Request Chain 284

https://um.simpli.fi/gp_match?google_gid=CAESEMPwwcGW1je3-85tfaS5Z0U&google_cver=1&google_push=AYg5qPI_ztDyMKaXgnIVgEcS3B6SDkikULIJtg4V6WA3es6S9lKrhZWZtERJlZPmV3rm7HNjGYPhfm5XLOl4mu_PdKwIcfzWOK373Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=24AC5F5DA5344D0B9E20D36379FE01B7&google_push=AYg5qPI_ztDyMKaXgnIVgEcS3B6SDkikULIJtg4V6WA3es6S9lKrhZWZtERJlZPmV3rm7HNjGYPhfm5XLOl4mu_PdKwIcfzWOK373Q

Request Chain 285

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPJe7k314ltiYlxwGLYa0tw&google_cver=1&google_push=AYg5qPKjAo1UaLLnAegzYgTqqCl52jpBWQsbviPI19Nc50bwW9K35jY_YXj2NgkFMzJKAtJvDYrUByTbP-I052pIQw8Xt2htuO8w5A HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPJe7k314ltiYlxwGLYa0tw&google_cver=1&google_push=AYg5qPKjAo1UaLLnAegzYgTqqCl52jpBWQsbviPI19Nc50bwW9K35jY_YXj2NgkFMzJKAtJvDYrUByTbP-I052pIQw8Xt2htuO8w5A&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKjAo1UaLLnAegzYgTqqCl52jpBWQsbviPI19Nc50bwW9K35jY_YXj2NgkFMzJKAtJvDYrUByTbP-I052pIQw8Xt2htuO8w5A&google_hm=Erp3sGZHmj9xCrYMTQ-q2xzt

Request Chain 286

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEI34vCK1Wo64jNz5gwMAlx0&google_cver=1&google_push=AYg5qPK17uDZJtdeSRytTvGtDdGHjY9Z3YO5p5Q_a2OGrWqwdsdwwo5B1d1m3aZT6n7wpPO94ESeF8UyPtBElkezMzFCus8oTghHbw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPK17uDZJtdeSRytTvGtDdGHjY9Z3YO5p5Q_a2OGrWqwdsdwwo5B1d1m3aZT6n7wpPO94ESeF8UyPtBElkezMzFCus8oTghHbw

Request Chain 287

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESENy3yac3q26PZmn1SL9t4qk&google_cver=1&google_push=AYg5qPJYQrJIMp_xhh_-fqct1C_ycDv8Hvk20FRfZvK62m3jmW7ttduMc_0xBoKz2zce_KBKzH3mHqjxrATUdVBf99AId3D9Tvc_uQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPJYQrJIMp_xhh_-fqct1C_ycDv8Hvk20FRfZvK62m3jmW7ttduMc_0xBoKz2zce_KBKzH3mHqjxrATUdVBf99AId3D9Tvc_uQ

Request Chain 288

https://match.360yield.com/match/ebda?google_gid=CAESEFFHCgd1Oc8I3OEwtuyxTak&google_cver=1&google_push=AYg5qPKVgiDGksOgn6pz3VhQRIKOrLJqgdwfsU4kkYI6ooMrmlkFc07cl4Xq_OGRVmvrk9nnfZqVlYkz9w_kcOEbEHCO52wax-O9mQ HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEFFHCgd1Oc8I3OEwtuyxTak&google_cver=1&google_push=AYg5qPKVgiDGksOgn6pz3VhQRIKOrLJqgdwfsU4kkYI6ooMrmlkFc07cl4Xq_OGRVmvrk9nnfZqVlYkz9w_kcOEbEHCO52wax-O9mQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TIjr9wOsRxO2FD89I8x8Sg&google_push=AYg5qPKVgiDGksOgn6pz3VhQRIKOrLJqgdwfsU4kkYI6ooMrmlkFc07cl4Xq_OGRVmvrk9nnfZqVlYkz9w_kcOEbEHCO52wax-O9mQ

329 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
kolobok.ua/
Redirect Chain

http://kolobok.ua/
https://kolobok.ua/

141 KB
29 KB

708ms
558ms

Document
text/html

193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 01dce02aff976143448860a408737e78411b9e778b298941cc2aae3e002da0db

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: public, max-age=300
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 22 May 2022 08:26:00 GMT
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 178
Content-Type: text/html
Date: Sun, 22 May 2022 08:25:59 GMT
Location: https://kolobok.ua/
Server: nginx

GET
H/1.1 200
OK holder.js Show response
i.holder.com.ua/t/ 9 KB
4 KB 353ms
73ms Script
application/x-javascript 91.198.36.26
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to

Full URL: https://i.holder.com.ua/t/holder.js
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 91.198.36.26 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS: i1.i.ua
Software: nginx /
Resource Hash: 8fc4de112cb05f02f61d7856ee3b9ca6a8cd68ea5397520120c5183b99bffc17

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 22 May 2022 08:23:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Jul 2017 14:14:15 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5
Expires: Mon, 22 May 2023 08:23:17 GMT

GET
H2 200 loader2.js Show response
cdn.admixer.net/scripts3/ 176 KB
55 KB 393ms
132ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/loader2.js
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f3aa6b021bc45554639438646953173347b1d881478b50ca862d5d7700088a60

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc33
date: Sun, 22 May 2022 08:23:17 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 12:23:59 GMT
server: nginx
etag: W/"6282425f-2c101"
x-cached-since: 2022-05-22T08:14:58+00:00
content-type: application/javascript
cache-control: max-age=600
cache: HIT
expires: Mon, 16 May 2022 12:35:25 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 159 KB
56 KB 161ms
67ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b0b941d729d1bb18820db89fd07d08a7aebd494158cd0c1d90bd9482ff9d0e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56512
x-xss-protection: 0
server: cafe
etag: 17861177386339106533
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 22 May 2022 08:23:17 GMT

GET
H2 200 toastr.min.css
cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/ 6 KB
3 KB 154ms
59ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/toastr.min.css

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47dd690f8f315bea076e92581a7e7147443bb4c847e313ab5a7d50a8c44836d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5305033
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2517
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ffe-1936"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GZk0gqVFsIZwyuWx3C6SjU%2FwGDzgxDinARaxGSiBLCFpT%2B3t7q0dNgBh4IMLIyluTrf2ca%2Fg%2FCeLpJNTVr6IC77XuyOcGpUv%2BXFv4GLzlFuTLudg3f8yquOzK6cMEOJUuqjwLyewLwt%2Fv59KJF2VNPtp"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70f4261acb6a0215-ZRH
expires: Fri, 12 May 2023 08:23:16 GMT

GET
H2 200 common.css
api.phnx.click/css/ 571 B
465 B 218ms
69ms Stylesheet
text/css 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.phnx.click/css/common.css?1
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 928c814bc3528a780ef25713f15d7e8d4a865bea41e6511c1670c87cbbbdceaf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:00 GMT
content-encoding: gzip
last-modified: Mon, 16 Mar 2020 13:55:41 GMT
server: nginx
etag: W/"5e6f855d-23b"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
cache-control: max-age=315360000
access-control-allow-headers: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 notice.css
api.phnx.click/common/CookiesNotice/ 945 B
662 B 218ms
70ms Stylesheet
text/css 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.phnx.click/common/CookiesNotice/notice.css?3
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 51ef3f0d3aa0c792d07079a705896f28d5ed2cda748c154e3a9a1d41b7502209

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:00 GMT
content-encoding: gzip
last-modified: Wed, 15 Apr 2020 07:30:42 GMT
server: nginx
etag: W/"5e96b822-3b1"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
cache-control: max-age=315360000
access-control-allow-headers: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ 141 KB
22 KB 151ms
56ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kolobok.ua/
Origin: https://kolobok.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 865
age: 82286
cdn-cachedat: 03/26/2022 19:00:34
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: c4467bd048558bae62b72a591c0eb8f4
cf-ray: 70f4261acd4b0211-ZRH
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/css/ 54 KB
10 KB 152ms
57ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/css/all.min.css

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2722521
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9804
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-d747"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yk2jku%2F7ONYyhRsmO4tS%2B7JTiRIfrdSJGAd4geijVIc7iPcnGl7Xf7yf0qHRaykak0CajYYWMoqufZFhJyUFilK%2FqDy3Ewuw24M1RDKu6e054AA8oHfptmWYpG8UsDfYszs1A8pc0mera0OBLM2RiaYw"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70f4261acb6b0215-ZRH
expires: Fri, 12 May 2023 08:23:16 GMT

GET
H2 200 swiper.min.css
cdnjs.cloudflare.com/ajax/libs/Swiper/4.2.2/css/ 19 KB
3 KB 153ms
58ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/Swiper/4.2.2/css/swiper.min.css

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d41cc80678502aaf3181f2f00f46553773fc0da93ab9290f2da2ae64720f1f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 17072996
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2583
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf2-4d3e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fnXZQZsF7kNLDzSiIiadFAYnmAO5WhTTPKVq9801lq7TCuvNCPNlNOQIMQVqW%2BYuuNM63iIsXUu1Br1z2MLRClqwJ6l3%2BxNmr2V%2B9ro%2F3yAewom41C4qRvqbIuOeivOidBffX1Wn6uAlziqZssH6SlJQ"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70f4261acb6c0215-ZRH
expires: Fri, 12 May 2023 08:23:16 GMT

GET
H2 200 style.min.css
kolobok.ua/css/ 67 KB
14 KB 76ms
75ms Stylesheet
text/css 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://kolobok.ua/css/style.min.css?8
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: d0f1e4e77e17ce26fbc4740970cb36bf9c1448242bbed6725897c804ad099416

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:00 GMT
content-encoding: gzip
last-modified: Thu, 14 Oct 2021 10:29:16 GMT
server: nginx
etag: W/"6168067c-10bc0"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
cache-control: max-age=315360000
access-control-allow-credentials: true
access-control-allow-headers: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 custom.css
kolobok.ua/a-custom/ 40 B
320 B 76ms
76ms Stylesheet
text/css 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://kolobok.ua/a-custom/custom.css?6
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 1f7c5b9fc7520d2735786380c08033a9d450b27ef40c0f660f03b615aecb2293

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:00 GMT
content-encoding: gzip
last-modified: Wed, 31 Mar 2021 07:23:24 GMT
server: nginx
etag: W/"6064236c-28"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
cache-control: max-age=315360000
access-control-allow-credentials: true
access-control-allow-headers: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo_top.png
kolobok.ua/images/ 8 KB
8 KB 86ms
82ms Image
image/png 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/images/logo_top.png?1
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 970fbd8d452e775c85db197dcced9843fa8c27850c0d29a36e3d7d4cb82497ac

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:00 GMT
last-modified: Thu, 04 Feb 2021 12:11:24 GMT
server: nginx
etag: "601be46c-208f"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 8335
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 6e5e1d05f2497ec2e2c9e68245ad444f-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
kolobok.ua/i/63/06/54/5/6306545/image_main/ 61 KB
61 KB 86ms
82ms Image
image/jpeg 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/i/63/06/54/5/6306545/image_main/6e5e1d05f2497ec2e2c9e68245ad444f-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: b1eaea9c6437b097c1546e8cfbdcd1d10098170ea999bb9ad7b865ddf34baed2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:00 GMT
last-modified: Sat, 21 May 2022 18:17:01 GMT
server: nginx
etag: "62892c9d-f408"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 62472
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 0093ee1f65fcfe812b26d21a571c35e2-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
kolobok.ua/i/80/76/26/807626/ 46 KB
47 KB 160ms
156ms Image
image/jpeg 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/i/80/76/26/807626/0093ee1f65fcfe812b26d21a571c35e2-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 7d6f723401d9bff849050ca1dcf1078c770a7e49a7491d5e3eadcff562a9d6d6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:00 GMT
last-modified: Wed, 21 Aug 2019 19:45:42 GMT
server: nginx
etag: "5d5d9f66-b940"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 47424
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 910858760ca16a7d46b3722558d00073-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
kolobok.ua/i/63/05/22/3/6305223/image_main/ 52 KB
53 KB 229ms
226ms Image
image/jpeg 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/i/63/05/22/3/6305223/image_main/910858760ca16a7d46b3722558d00073-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: ee5416b91df2826739bc6fcd6107439a854672768c5bff64b959c1ed9aff11de

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:00 GMT
last-modified: Thu, 19 May 2022 20:16:00 GMT
server: nginx
etag: "6286a580-d0bf"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 53439
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 91f701605b555012b8cd9f467c03e7f0-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
kolobok.ua/i/54/85/65/3/5485653/image_main/ 27 KB
28 KB 232ms
228ms Image
image/jpeg 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/i/54/85/65/3/5485653/image_main/91f701605b555012b8cd9f467c03e7f0-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 8b36b4daa26a130a8893c0ade843e3542251b7704af84b4504633ed52963fb2a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:00 GMT
last-modified: Sat, 23 Oct 2021 07:20:26 GMT
server: nginx
etag: "6173b7ba-6de6"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 28134
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 c3fc1024f9c9d153b18724eda05d99ac-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
kolobok.ua/i/81/00/55/810055/image_main/ 71 KB
71 KB 232ms
229ms Image
image/jpeg 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/i/81/00/55/810055/image_main/c3fc1024f9c9d153b18724eda05d99ac-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: c9779c7b61fbc1dd54800b971b134f4370c625e0e47f6d4360245bec3e89696a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:00 GMT
last-modified: Thu, 20 May 2021 11:17:38 GMT
server: nginx
etag: "60a64552-11b05"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 72453
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 a7a6dc0508b07535601f69fbb8b2116d-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
kolobok.ua/i/63/02/52/1/6302521/image_main/ 31 KB
32 KB 303ms
300ms Image
image/jpeg 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/i/63/02/52/1/6302521/image_main/a7a6dc0508b07535601f69fbb8b2116d-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 5083460fd3a067ce014eb6de7fd19dce63a82c4a3c1a70b7a53509980f3f6a1a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:00 GMT
last-modified: Mon, 16 May 2022 19:38:32 GMT
server: nginx
etag: "6282a838-7cd8"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 31960
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 8e01d95220b5bbc0de393ec905cc7119-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
kolobok.ua/i/99/84/69/998469/image_main/ 66 KB
66 KB 305ms
301ms Image
image/jpeg 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/i/99/84/69/998469/image_main/8e01d95220b5bbc0de393ec905cc7119-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 8542b7f6a83905880abe2bd34c191aaa1e06459cde1b5deaca20cb0f8d4ec679

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:00 GMT
last-modified: Wed, 21 Aug 2019 22:47:51 GMT
server: nginx
etag: "5d5dca17-1079d"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 67485
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3e3c1ff62725543e713f9c54dcbfaf83-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
kolobok.ua/i/18/40/09/6/1840096/image_main/ 96 KB
96 KB 306ms
303ms Image
image/jpeg 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/i/18/40/09/6/1840096/image_main/3e3c1ff62725543e713f9c54dcbfaf83-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: c8ac371ada16579ff27732791cc246a77d09c9084c27259a5ecb1eea46ffdf74

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:00 GMT
last-modified: Sun, 06 Jun 2021 06:10:05 GMT
server: nginx
etag: "60bc66bd-17feb"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 98283
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 db4abe68b9334485671a21f8d5403294-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
kolobok.ua/i/81/25/19/812519/ 77 KB
77 KB 312ms
309ms Image
image/jpeg 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/i/81/25/19/812519/db4abe68b9334485671a21f8d5403294-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 84e2334be16bb9089e778602d19cbb11ad857ece94cfd7e18d1fd76792e88f5b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:00 GMT
last-modified: Wed, 21 Aug 2019 20:48:32 GMT
server: nginx
etag: "5d5dae20-13497"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 78999
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 8b540cecf24430e7dfccb28be66acbaa-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
kolobok.ua/i/49/26/02/9/4926029/image_main/ 117 KB
117 KB 313ms
310ms Image
image/jpeg 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/i/49/26/02/9/4926029/image_main/8b540cecf24430e7dfccb28be66acbaa-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: cf7340f306764340d26c6589a92e2f08da87f0a5a07c986b0b310e466fcd8bea

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:00 GMT
last-modified: Fri, 07 May 2021 14:01:32 GMT
server: nginx
etag: "6095483c-1d443"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 119875
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1x1.png
upload.wikimedia.org/wikipedia/commons/c/ca/ 95 B
1 KB 108ms
34ms Image
image/png 2620:0:862:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/c/ca/1x1.png

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/8.0.8 /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 21 May 2022 15:57:19 GMT
nel: { "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 59157
x-cache-status: hit-front
x-cache: cp3063 hit, cp3053 hit/133833
server-timing: cache;desc="hit-front", host;desc="cp3053"
content-length: 95
x-client-ip: 2001:ac8:21:e::7
x-object-meta-sha1base36: 1q4na1xj6topzln51tpzqqxtdtdwo9p
accept-ranges: bytes
last-modified: Sat, 04 Apr 2020 08:42:56 GMT
server: ATS/8.0.8
etag: 71a50dbba44c78128b221b7df7bb51f1
strict-transport-security: max-age=106384710; includeSubDomains; preload
report-to: { "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy: interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch: Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin: *

GET
H2 200 audio-tailes.png
kolobok.ua/images/ 17 KB
17 KB 378ms
375ms Image
image/png 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/images/audio-tailes.png
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 23cf8643e60f9e01b1bcf914c323f3861466997045f8aee8ea1c737f6fb5a21b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:00 GMT
last-modified: Wed, 09 Sep 2020 14:44:19 GMT
server: nginx
etag: "5f58ea43-4374"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 17268
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 205ms
46ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B80) /
Resource Hash: 2b37b00f9400fedda05e3feb73c40b2a19af5fbd2d2d327c39e9476cff3dd9c8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 22 May 2022 08:23:17 GMT
Content-Encoding: gzip
Age: 616
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 29461
x-tw-cdn: VZ
Last-Modified: Sun, 15 May 2022 20:06:46 GMT
Server: ECS (amb/6B80)
Etag: "f1369725ba22125b0df0251e74090aa0+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.0/ 86 KB
28 KB 52ms
51ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.0/jquery.min.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1412986
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27781
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-15857"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zyZhUKeCtQ0miVkRjUk5w1IQbP6hYFP2ODQn0IzVrq6v4Mm3iHIq47EYpV5lgtoj5SdVsyptcBZGqQy12Jf28gZk2w0CPl3Mol2gTbCxgdVK5uuVvcr6RQMsJwrMpYVBk1NP4VhM5TdvS6G2lmbPqL7x"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70f4261c6d7a0215-ZRH
expires: Fri, 12 May 2023 08:23:17 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ 57 KB
16 KB 64ms
57ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kolobok.ua/
Origin: https://kolobok.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617
age: 82287
cdn-cachedat: 2021-08-02 21:50:12
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 71f906965422c9529215d285b3135e95
cf-ray: 70f4261c7f8b0211-ZRH
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 swiper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/Swiper/4.4.1/js/ 122 KB
28 KB 56ms
52ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/Swiper/4.4.1/js/swiper.min.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d7dd97b1b8f9a6dd66cc9025d3b6603d371173712d103fa273e20a3013a5370

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 19576863
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28145
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf2-1e700"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wnqznj0bCWfgUVIlyNAyhj%2F7zaYvJba%2B2wW%2FMmqN9qUSIAQ47a%2B5rc0UEhQOpsT%2FejdpMhpngEbNEWsaihA79OnT87crN%2Fv9FXN%2B7aAGe9%2BrWdcKwZVWnZq8mXfZTCnO8FveTLMnpvBqTBhBBO2Aq8Rh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70f4261c7d8b0215-ZRH
expires: Fri, 12 May 2023 08:23:17 GMT

GET
H2 200 isotope.pkgd.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.isotope/3.0.6/ 35 KB
9 KB 55ms
50ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.isotope/3.0.6/isotope.pkgd.min.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

081ae9baaacc857c1c2cb51de6dbd0e1eb811c2761ef01a50df373f2f6eefe22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7032732
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8847
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-8a75"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GhWf744x85CKEjcHwqhg%2BCUZzjMsbnOtF6j9WUUowtkHlxKEwU%2F%2BtpJ1arS13V2KW9qzASftcURbWlnJKEktdHy9ztmy%2BaW3zo2iAu6iayZE0SpgGozTgyQDyVzyDMvMNx0NJx65hRWH9fByYXVr6GBN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70f4261c7d8d0215-ZRH
expires: Fri, 12 May 2023 08:23:17 GMT

GET
H2 200 hc-sticky.min.js Show response
cdn.jsdelivr.net/npm/hc-sticky@2.2.3/dist/ 11 KB
5 KB 158ms
55ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/hc-sticky@2.2.3/dist/hc-sticky.min.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

301898d6bce363fd706de16a2d915e0382fc1a60d07b91d0ffd0609dd90b78a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2466077
x-jsd-version: 2.2.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19171-FRA, cache-iad-kiad7000061-IAD
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"2d58-OHp5NYJZm3BVirYCciTrlYiBEdQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P5%2F9Zk%2BMjD77bwab%2Byz0AteIBakfUWssIhZum0naAcgcAA7ioUYJWl7zB6EOluvxM7R%2FoP0EPlV8WBYdYuHoHgOYKlRhslibiP5MXPCOlAgO0jTxg5%2BDtUCo7Cwveaw0mmIVRSvyNR2rcj8MZP0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 70f4261d1f8801df-ZRH

GET
H2 200 jquery.waypoints.min.js Show response
cdnjs.cloudflare.com/ajax/libs/waypoints/4.0.1/ 9 KB
3 KB 92ms
86ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/waypoints/4.0.1/jquery.waypoints.min.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c39ce2883aad8a36c4194dc053127b29efa1677cc12db45e805760c5d9f14d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 308640
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2417
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:51 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb0402f-2281"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LIEGurH2FnM0txicVjTrAuDTeHthDGHcl9ayweZNhp3fSFmX02Pzyok%2FIgLpqkQJV1J%2F105pkmu%2BEkl5oTE9uYLYLWgAROtE8G58LhLevpWSNRkwOLOjiiTnzXQ75jpPl4EDiAOWiW60gw3HlLaxXkOM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70f4261c7d900215-ZRH
expires: Fri, 12 May 2023 08:23:17 GMT

GET
H2 200 blazy.min.js Show response
cdnjs.cloudflare.com/ajax/libs/blazy/1.8.2/ 5 KB
2 KB 90ms
85ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/blazy/1.8.2/blazy.min.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2106463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1735
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:06:35 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d8b-1448"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iffwC0DSM2CJEWvGnqGLlTk9HRM7mbZqfa3cePUoB5P0eyxq%2BuoUbozXotEngGeUMHnHiNyMTuDzyd052%2BhHwNlCRGG%2FcaKLhpp2hw297knvn6MpQ7H70Wc2XNc0AThWDMyf0hyRsKKyqMP8ElzVat1e"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70f4261c7d910215-ZRH
expires: Fri, 12 May 2023 08:23:17 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 425ms
51ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Sun, 22 May 2022 08:23:17 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 app.min.js Show response
kolobok.ua/js/ 5 KB
2 KB 85ms
80ms Script
application/javascript 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://kolobok.ua/js/app.min.js?23
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: bd62fd631f2f388a0ffb74ec23e67f2baf8816e8a9bc2df95ebad6f63a575b9c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:00 GMT
content-encoding: gzip
last-modified: Wed, 14 Apr 2021 10:27:33 GMT
server: nginx
etag: W/"6076c395-1459"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
access-control-allow-credentials: true
access-control-allow-headers: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 instafeed.min.js Show response
kolobok.ua/js/ 7 KB
3 KB 86ms
81ms Script
application/javascript 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://kolobok.ua/js/instafeed.min.js
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 9d97f7a4b2edbb8f6a045125a686b58f5990f700c1a7aeabc8a90ec8bd3ba022

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:00 GMT
content-encoding: gzip
last-modified: Wed, 14 Apr 2021 10:27:33 GMT
server: nginx
etag: W/"6076c395-1a80"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
access-control-allow-credentials: true
access-control-allow-headers: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 article-stat-v2.js Show response
api.phnx.click/js/ 976 B
607 B 73ms
68ms Script
application/javascript 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.phnx.click/js/article-stat-v2.js?8
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 8e2127b461c250d955b16c153856303a62fd79f5bbf874cff3491ea56b9a948a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:00 GMT
content-encoding: gzip
last-modified: Mon, 29 Apr 2019 05:26:10 GMT
server: nginx
etag: W/"5cc68af2-3d0"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
access-control-allow-headers: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/ 1 KB
1 KB 55ms
50ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3943604
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 591
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec1-514"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GFkRbLx9pu4ndLG1ui6y%2B9j%2B79S0GErP8ql1rOZlHoof0mm4hnWKeYWeNHcrvFrn1cv13rtZck2OZIYEDmCeO0hjx5x3WF8nriMMVJmHK2ynRIJu1CcnfLaHKDFgBBjtZVOKhwlJ%2FUIZllFRPVgAWauC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70f4261c7d930215-ZRH
expires: Fri, 12 May 2023 08:23:17 GMT

GET
H2 200 md5.min.js Show response
cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/ 4 KB
2 KB 89ms
84ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/md5.min.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27d221be42096f476245524ecaef8d76d838d5189b16417c79a03ad23763b41f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8136877
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1339
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:06:35 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d8b-eb6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q1S%2Fe01hZkclAVTc0rY65CGk43gdojaZv8P39LsA8hSK%2FJmyOblmNELACef18tqlngTU7jfamBxMuHuYJSxRcPkPCWPIlvuBUAGWqYNyzqbn0gdXG0iI2KvSAYI2MpLiqButYOgXt%2F6%2FtZFEDxqLdEYn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70f4261c7d940215-ZRH
expires: Fri, 12 May 2023 08:23:17 GMT

GET
H2 200 toastr.min.js Show response
cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/ 5 KB
2 KB 90ms
85ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/toastr.min.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8d6ca635cba876adb55c42d7f46fc96ae1afb1a64b7215cde9498a06018d6a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 24917931
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1763
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ffe-1483"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ohdXyK4lugevnIqoeyEkHGsoStliJId8%2FIG7EmHZyMCKrEnJZDVlcOMKCi3XxPlDotYyh9VX8ywX8oZ0mWS6w%2B44K6ytdtLzEWHikKsKt5ipW6TnOD%2BBY61MvGz8J4KOwB%2FnEDg19rjIf9wtwPEZwSva"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70f4261c7d950215-ZRH
expires: Fri, 12 May 2023 08:23:17 GMT

GET
H2 200 common.js Show response
api.phnx.click/js/ 3 KB
1 KB 73ms
69ms Script
application/javascript 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.phnx.click/js/common.js?1
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: dbd30986b6727d3c7e30d14d2cb4e23ef7c42348cd418f5891a1bd778b89df46

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:00 GMT
content-encoding: gzip
last-modified: Mon, 06 Jan 2020 10:11:50 GMT
server: nginx
etag: W/"5e1307e6-a00"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
access-control-allow-headers: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 notice.js Show response
api.phnx.click/common/CookiesNotice/ 648 B
516 B 74ms
69ms Script
application/javascript 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.phnx.click/common/CookiesNotice/notice.js?2
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 66336f7f92959c90b96bb60b1c09415cccc7923e52a41ee9fe23a5aa98397d8d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:00 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 13:24:19 GMT
server: nginx
etag: W/"5e42ab03-288"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
access-control-allow-headers: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 133ms
39ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2911
date: Sun, 22 May 2022 07:34:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 22 May 2022 09:34:46 GMT

GET
H2 200 xgemius.js Show response
gaua.hit.gemius.pl/ 52 KB
14 KB 189ms
62ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/xgemius.js
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: 59b7f3bff218252c356e1b38ae9289a63b4f16a2d8196ea2222e0418b90cfdd6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:17 GMT
content-encoding: gzip
last-modified: Thu, 19 May 2022 10:55:58 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 14060
expires: Sun, 22 May 2022 20:23:17 GMT

GET
H2 200 e.js Show response
cdn.umh.ua/libs/ 6 KB
3 KB 134ms
40ms Script
application/javascript 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.umh.ua/libs/e.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

78.159.118.240 Mindelheim, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

nginx /

Resource Hash

4f980628109c4616e0c245be9b45aa44233f40ca4f396a58a9e298cf51744e43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
x-xss-protection: 1; mode=block;
last-modified: Tue, 01 Mar 2022 15:54:34 GMT
server: nginx
etag: W/"621e41ba-16f4"
access-control-max-age: 1728000
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
access-control-allow-headers: X-PINGOTHER
expires: Mon, 23 May 2022 08:23:17 GMT

GET
H2 200 kids_pattern.png
kolobok.ua/images/ 19 KB
19 KB 374ms
373ms Image
image/png 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/images/kids_pattern.png
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/css/style.min.css?8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: db3ce8768c4e10435d706169fbf1c5d3ed4703f01fd5d428abf2a4eb87a2e734

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/css/style.min.css?8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:00 GMT
last-modified: Wed, 14 Apr 2021 10:27:33 GMT
server: nginx
etag: "6076c395-4b88"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 19336
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dinroundpro-bold.woff2
kolobok.ua/fonts/ 36 KB
36 KB 373ms
373ms Font
application/octet-stream 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://kolobok.ua/fonts/dinroundpro-bold.woff2
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/css/style.min.css?8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: bead87b2c8ee8424cda8e6d4dec906754c8b4c9860f9e8a84d4c62c3ba288ee2

Request headers

Referer: https://kolobok.ua/css/style.min.css?8
Origin: https://kolobok.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:00 GMT
last-modified: Fri, 07 Dec 2018 07:55:56 GMT
server: nginx
etag: "5c0a278c-8e30"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: https://kolobok.ua
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 36400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 spt_item.gif
kolobok.ua/images/ 2 KB
2 KB 364ms
362ms Image
image/gif 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/images/spt_item.gif
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/css/style.min.css?8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 86b67e98ae1805a0fa348e3e1d118a7b6661d66a6fd88609e8c7f59562a986a3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/css/style.min.css?8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:00 GMT
last-modified: Fri, 07 Dec 2018 07:55:56 GMT
server: nginx
etag: "5c0a278c-773"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1907
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 spt_item5.gif
kolobok.ua/images/ 2 KB
2 KB 364ms
362ms Image
image/gif 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/images/spt_item5.gif
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/css/style.min.css?8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 02c30a2f8ab99e50290330ce2b9c3b7df9bcabbbd0f65442d2f929cb2fec3162

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/css/style.min.css?8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:00 GMT
last-modified: Fri, 07 Dec 2018 07:55:56 GMT
server: nginx
etag: "5c0a278c-675"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1653
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 spt_item4.gif
kolobok.ua/images/ 1 KB
2 KB 364ms
363ms Image
image/gif 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/images/spt_item4.gif
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/css/style.min.css?8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 1e99d1e6fe74443f70e6b1bb68cca578728ec9d7669c2ee3ecaef8239f6eb956

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/css/style.min.css?8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:00 GMT
last-modified: Fri, 07 Dec 2018 07:55:56 GMT
server: nginx
etag: "5c0a278c-5bb"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1467
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/webfonts/ 13 KB
14 KB 205ms
157ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/webfonts/fa-regular-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a64c3f8968235caf4367a733443be4ab6274fd32383d31bf96f607d1f87153a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/css/all.min.css
Origin: https://kolobok.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:17 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2953661
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13552
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-34f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kCltR55Us7jDFMm7CV4T0u92ta15%2B8Xzzzb4aN6CHnCxtjuwEn9KaG3eeW0rdkfVdyP5%2BxfbooPn%2BxrDOPiB6FDesvUbVUmOtrznOKnt%2BZ59ESrK9ps0PxNabQugjYBhPE1gbG78PjYdO6jzVXQEJDbW"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70f4261cdc8101f4-ZRH
expires: Fri, 12 May 2023 08:23:17 GMT

GET
H3 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/webfonts/ 73 KB
74 KB 150ms
102ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f8971058530863cdfbe3d156d8d5c6f7a6a42d5884f4e82cde8e3692b91e535

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/css/all.min.css
Origin: https://kolobok.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:17 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1412563
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 74768
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-12410"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jDxQZjKemeyoDyd%2BX0KSa3zjmafjwGmT8A3zfqmLDvv5Wh%2FharP%2BkoQg1x%2FcSQAi%2F6A6WMDRpwPfpVHJO2E7DAr2m0ManEemeqbt2Jv6U1CKCi5G56jdQd7C1huZfPZUBcu0K8ug8IVcr4ebSZ1%2Fvt7k"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70f4261cdc8201f4-ZRH
expires: Fri, 12 May 2023 08:23:17 GMT

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/webfonts/ 73 KB
73 KB 103ms
56ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83256161be4addb3aefe369a31de46f42def521d423ab1b344883d49c2bd1953

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/css/all.min.css
Origin: https://kolobok.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:17 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1496435
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 74256
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-12210"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PpIMuFxmPLDIOUgt4AWGU1VYXEi94UQYvP3oIT6lnTyBlhocjVkkeFIN4x5YHxauM4C%2BFOv7IZrsJhjkHhCfvNUC7WN0pE8DT71S%2BeqwtAMG6jOOA%2F1S4sIlq0hY8nD6X9vV3pCrVBzavs%2BcpGtwhve3"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70f4261cdc8301f4-ZRH
expires: Fri, 12 May 2023 08:23:17 GMT

GET
DATA 200
OK truncated
/ 150 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fac0e13bfe90135764a88b128aeba6907c4eb0bfba06d573329e13ca95e3d801

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 152 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a9aa80adf0c2356b9e6841f3320b6dc3a102ed9de62ddd42a04f05ec467c9622

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 loader.gif
kolobok.ua/images/ 9 KB
9 KB 349ms
349ms Image
image/gif 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/images/loader.gif
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/css/style.min.css?8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: c9c616de646e94b9adea60ef1e8ffe5246f82b82baa1e039b1b6007067791773

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/css/style.min.css?8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:00 GMT
last-modified: Wed, 14 Apr 2021 10:27:33 GMT
server: nginx
etag: "6076c395-22ee"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 8942
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sidebar_quote_b1.jpg
kolobok.ua/images/ 22 KB
22 KB 349ms
349ms Image
image/jpeg 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/images/sidebar_quote_b1.jpg
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/css/style.min.css?8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 0cf67a88e4158309a7aec1613a776c80db3dc47769b1865ba427078bae937819

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/css/style.min.css?8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:00 GMT
last-modified: Wed, 14 Apr 2021 10:27:33 GMT
server: nginx
etag: "6076c395-57b1"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 22449
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dinroundpro-black.woff2
kolobok.ua/fonts/ 34 KB
34 KB 350ms
349ms Font
application/octet-stream 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://kolobok.ua/fonts/dinroundpro-black.woff2
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/css/style.min.css?8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 091105bb0811a882fd4f7fedb9e8dcf8a8fd0358106f000d7dd74cd1626dabe5

Request headers

Referer: https://kolobok.ua/css/style.min.css?8
Origin: https://kolobok.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:00 GMT
last-modified: Fri, 07 Dec 2018 07:55:56 GMT
server: nginx
etag: "5c0a278c-886c"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: https://kolobok.ua
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 34924
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/uk_UA/ 3 KB
2 KB 123ms
41ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6d966cd8b2db93140df1f54fc5a1fa2c4149206fe74ecb8dd6fc9e42c9c28a3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 0eqU/NDtMWf4ChN2VbZQJw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Sun, 22 May 2022 08:35:56 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: wxJpHvN1ieI6vO8cbmlttOH02+1AEvHiU/Ygh31ikmdU0/nT7vOYy01P4dpzBqbJCs6ywATExko0zF9CWyCR6Q==
x-fb-trip-id: 917726464
x-fb-content-md5: 857271bfd549b8b7b730a1f45f84981f
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 22 May 2022 08:23:17 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "11cf831f9d971e77ecf98c47963d70a6"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 / Show response
exchange.informer.ua/informer/stat/ Frame 394B 5 KB
2 KB 240ms
85ms Document
text/html 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.informer.ua/informer/stat/?s=ivona
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 / PHP/7.1.17
Resource Hash: ec8667141421f91c2fa4c5867e4461b83a992afcffd6efc69b69293145668cfc

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 22 May 2022 08:26:13 GMT
server: nginx/1.12.2
vary: Accept-Encoding
x-powered-by: PHP/7.1.17

GET
H2 200 / Show response
exchange.informer.ua/informer/stat/ Frame 5B8B 4 KB
1 KB 225ms
79ms Document
text/html 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.informer.ua/informer/stat/?s=smak
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 / PHP/7.1.17
Resource Hash: 3c2a2c527bcc789a360074edf27036757d7b6171678e49c0e8c7abb752787b2c

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 22 May 2022 08:26:13 GMT
server: nginx/1.12.2
vary: Accept-Encoding
x-powered-by: PHP/7.1.17

GET
H2 200 / Show response
exchange.informer.ua/informer/stat/ Frame 45C5 5 KB
2 KB 229ms
84ms Document
text/html 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.informer.ua/informer/stat/?s=ivona
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 / PHP/7.1.17
Resource Hash: 4a45f75b15fcf4b0ffc9fe540be634207f8c368deec6769e6a6be43900b706ea

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 22 May 2022 08:26:13 GMT
server: nginx/1.12.2
vary: Accept-Encoding
x-powered-by: PHP/7.1.17

GET
H/1.1 200
OK / Show response
c.bigmir.net/ 132 B
423 B 318ms
73ms Script
application/x-javascript 193.239.68.97
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bigmir.net/?o1&v16945258&s16946721&t0&c1&n60941&w0&y0&d24&r1600
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: c.bigmir.net
Software: nginx /
Resource Hash: 2514e6ad25375d07aaabcbe7e217c3c183992a9e622dc7e18c9a7f81a3b08c5a

Request headers

Referer: https://kolobok.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Sun, 22 May 2022 08:23:17 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=windows-1251
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H2 200 load Show response
z.cdn.umh.ua/ 56 B
381 B 60ms
40ms Script
text/plain 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.umh.ua/load?z=1466079092&div=zone_1466079092&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1395&pl=3&mi=4&me=8&hc=4&n=1653207797313&url=kolobok.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D1%82%D0%B8%2C%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B8%2C%20%D1%81%D0%B5%D0%BC%D1%8C%D1%8F%20%D0%B8%20%D0%BE%D1%82%D0%BD%D0%BE%D1%88%D0%B5%D0%BD%D0%B8%D1%8F%20-%20KOLOBOK.UA&zyx=600588808
Requested by: Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 78.159.118.240 Mindelheim, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: 254f33bb44c46523cce6e349f8ea4ec60151ca4337024b647502da496df48b9c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 08:23:17 GMT
server: nginx
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
content-type: text/plain; charset=utf-8
content-length: 56
expires: -1

GET
H2 200 load Show response
z.cdn.umh.ua/ 1 KB
1 KB 61ms
42ms Script
application/javascript 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.umh.ua/load?z=1320537623&div=zone_1320537623&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1395&pl=3&mi=4&me=8&hc=4&n=1653207797313&url=kolobok.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D1%82%D0%B8%2C%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B8%2C%20%D1%81%D0%B5%D0%BC%D1%8C%D1%8F%20%D0%B8%20%D0%BE%D1%82%D0%BD%D0%BE%D1%88%D0%B5%D0%BD%D0%B8%D1%8F%20-%20KOLOBOK.UA&zyx=600588808
Requested by: Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 78.159.118.240 Mindelheim, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: 81713b18ac491dd7127d6de73f65f1e2bd032f53e0c51a2f7eaa86719fdf1492

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 08:23:17 GMT
content-encoding: gzip
server: nginx
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
content-type: application/javascript; charset=utf-8
content-length: 743
expires: -1

GET
H2 200 load Show response
z.cdn.umh.ua/ 57 B
382 B 59ms
40ms Script
text/plain 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.umh.ua/load?z=1584315929&div=zone_1584315929&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1395&pl=3&mi=4&me=8&hc=4&n=1653207797313&url=kolobok.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D1%82%D0%B8%2C%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B8%2C%20%D1%81%D0%B5%D0%BC%D1%8C%D1%8F%20%D0%B8%20%D0%BE%D1%82%D0%BD%D0%BE%D1%88%D0%B5%D0%BD%D0%B8%D1%8F%20-%20KOLOBOK.UA&zyx=600588808
Requested by: Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 78.159.118.240 Mindelheim, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: d54ac0208d59cd7d261f9ad3c02558ad7cdad6785a35514e25e872d055d28ec2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 08:23:17 GMT
server: nginx
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
content-type: text/plain; charset=utf-8
content-length: 57
expires: -1

GET
H2 200 load Show response
z.cdn.umh.ua/ 2 KB
1 KB 58ms
41ms Script
application/javascript 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.umh.ua/load?z=1982059428&div=zone_1982059428&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1395&pl=3&mi=4&me=8&hc=4&n=1653207797313&url=kolobok.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D1%82%D0%B8%2C%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B8%2C%20%D1%81%D0%B5%D0%BC%D1%8C%D1%8F%20%D0%B8%20%D0%BE%D1%82%D0%BD%D0%BE%D1%88%D0%B5%D0%BD%D0%B8%D1%8F%20-%20KOLOBOK.UA&zyx=600588808
Requested by: Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 78.159.118.240 Mindelheim, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: 91ebc784c46488c46d8dfb7bdfd8b2908f369ffcac5c51dfb411d539720a52c3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 08:23:17 GMT
content-encoding: gzip
server: nginx
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
content-type: application/javascript; charset=utf-8
content-length: 943
expires: -1

GET
H2 200 load Show response
z.cdn.umh.ua/ 1 KB
1 KB 49ms
41ms Script
application/javascript 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.umh.ua/load?z=1619353633&div=zone_1619353633&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1395&pl=3&mi=4&me=8&hc=4&n=1653207797313&url=kolobok.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D1%82%D0%B8%2C%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B8%2C%20%D1%81%D0%B5%D0%BC%D1%8C%D1%8F%20%D0%B8%20%D0%BE%D1%82%D0%BD%D0%BE%D1%88%D0%B5%D0%BD%D0%B8%D1%8F%20-%20KOLOBOK.UA&zyx=600588808
Requested by: Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 78.159.118.240 Mindelheim, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: 11542660b138264fff792c93512ab36d96eed0b9d9c511609746064ab1310567

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 08:23:17 GMT
content-encoding: gzip
server: nginx
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
content-type: application/javascript; charset=utf-8
content-length: 785
expires: -1

GET
H2 200 load Show response
z.cdn.umh.ua/ 75 B
400 B 40ms
40ms Script
text/plain 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.umh.ua/load?z=1836467761&div=zone_1836467761&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1395&pl=3&mi=4&me=8&hc=4&n=1653207797313&url=kolobok.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D1%82%D0%B8%2C%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B8%2C%20%D1%81%D0%B5%D0%BC%D1%8C%D1%8F%20%D0%B8%20%D0%BE%D1%82%D0%BD%D0%BE%D1%88%D0%B5%D0%BD%D0%B8%D1%8F%20-%20KOLOBOK.UA&zyx=600588808
Requested by: Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 78.159.118.240 Mindelheim, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: 085583262fc989309eef660f40bfcd1725cc57edb8cad2c03e95382ce3e0b50f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 08:23:17 GMT
server: nginx
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
content-type: text/plain; charset=utf-8
content-length: 75
expires: -1

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/46506/ Frame CF2E 738 B
510 B 122ms
122ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache: HIT
cache-control: max-age=31622400
content-encoding: gzip
content-type: text/html
date: Sun, 22 May 2022 08:23:17 GMT
etag: W/"62824272-2e2"
expires: Wed, 17 May 2023 12:25:26 GMT
last-modified: Mon, 16 May 2022 12:24:18 GMT
server: nginx
vary: Accept-Encoding
x-cached-since: 2022-05-16T12:25:26+00:00
x-id: fr5-up-gc33

GET
H2 200 a21031c0f6a0994b3314.b.js Show response
cdn.admixer.net/scripts3/46506/ 23 KB
8 KB 126ms
125ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/46506/a21031c0f6a0994b3314.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc33
date: Sun, 22 May 2022 08:23:17 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 12:24:15 GMT
server: nginx
etag: W/"6282426f-5d41"
vary: Accept-Encoding
x-cached-since: 2022-05-16T12:25:26+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 17 May 2023 12:25:26 GMT

GET
H2 200 0a75d04ce9f53a1a35b6.b.js Show response
cdn.admixer.net/scripts3/46506/ 75 KB
20 KB 136ms
136ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/46506/0a75d04ce9f53a1a35b6.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc33
date: Sun, 22 May 2022 08:23:17 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 12:24:04 GMT
server: nginx
etag: W/"62824264-12c39"
vary: Accept-Encoding
x-cached-since: 2022-05-16T12:25:26+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 17 May 2023 12:25:26 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 139ms
58ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=476014890&t=pageview&_s=1&dl=https%3A%2F%2Fkolobok.ua%2F&ul=en-us&de=UTF-8&dt=%D0%94%D0%B5%D1%82%D0%B8%2C%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B8%2C%20%D1%81%D0%B5%D0%BC%D1%8C%D1%8F%20%D0%B8%20%D0%BE%D1%82%D0%BD%D0%BE%D1%88%D0%B5%D0%BD%D0%B8%D1%8F%20-%20KOLOBOK.UA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1938252103&gjid=1137216856&cid=1093733952.1653207797&tid=UA-82254946-1&_gid=1211622103.1653207797&_r=1&_slc=1&z=825888805

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://kolobok.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 22 May 2022 08:23:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kolobok.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ 279 B
393 B 60ms
59ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=kolobok.ua
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: 5421bf15e6603b94900b8e41b46fd154c06da862a65d40feb989fd5f3caab699

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:17 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 279
expires: Tue, 21 Jun 2022 08:23:17 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 7D57 5 KB
3 KB 172ms
55ms Document
text/html 146.59.30.104
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.104 , France, ASN16276 (OVH, FR),
Reverse DNS: ip104.ip-146-59-30.eu
Software: GHC /
Resource Hash: 29fe3cd2fb1834378598ba35b53a285bad18cd9d1d1a950f49efc8004629a99d

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2719
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Sun, 22 May 2022 08:23:17 GMT
etag: PRIVATE7520710249
expires: Tue, 21 Jun 2022 08:23:17 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H2 200 gsconf.js Show response
gaua.hit.gemius.pl/ 67 B
135 B 100ms
99ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/gsconf.js?gst=parent&href=kolobok.ua&gsver=326&v=459388
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: e70792957a2d6b9fe4f3b638d557b304e23215b8031d9e14e2f61be37f008399

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:17 GMT
last-modified: Thu, 19 May 2022 10:55:58 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 67
expires: Sun, 22 May 2022 12:23:17 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/uk_UA/ 288 KB
82 KB 89ms
41ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js?hash=b3472b7ae319e5b2d9cd7ffaef97f205

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a217030796bef33135123061e7dc7f9b8b13ec065a59baffc6e609c1c8a1bdc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://kolobok.ua/
Origin: https://kolobok.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: bOz5RbKAGL40KeiH+e6b5w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Mon, 22 May 2023 07:49:15 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84034
x-fb-rlafr: 0
x-fb-debug: QFoVhfXRm4+X/WeLA7h6Ocr+8Sye5Fy8I/vn7ffVw9VAKlq6BDvshTSy30NR2suTRx+ND1BMoA10FZkXZzcV0g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 252ba4dba9b66416054113b98cbf5f98
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 22 May 2022 08:23:17 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "50d84507e9ec5aac8496d6cffaf61e19"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 mwayss_invocation.min.js Show response
ad.mox.tv/mox/ 29 KB
10 KB 134ms
35ms Script
application/javascript 185.180.220.208
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1566&height=300&width=400&tld=kolobok.ua&ctype=div
Requested by: Host: z.cdn.umh.ua
URL: https://z.cdn.umh.ua/load?z=1619353633&div=zone_1619353633&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1395&pl=3&mi=4&me=8&hc=4&n=1653207797313&url=kolobok.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D1%82%D0%B8%2C%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B8%2C%20%D1%81%D0%B5%D0%BC%D1%8C%D1%8F%20%D0%B8%20%D0%BE%D1%82%D0%BD%D0%BE%D1%88%D0%B5%D0%BD%D0%B8%D1%8F%20-%20KOLOBOK.UA&zyx=600588808
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 314349e78d72853d2c7b322d616e9a29b53957cf702ddc99766495fbb258d31d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:17 GMT
content-encoding: gzip
last-modified: Tue, 07 Dec 2021 16:48:38 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"61af9066-72a8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Sun, 22 May 2022 09:23:17 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 159 KB
55 KB 154ms
62ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3755662197386269

Requested by

Host: z.cdn.umh.ua
URL: https://z.cdn.umh.ua/load?z=1982059428&div=zone_1982059428&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1395&pl=3&mi=4&me=8&hc=4&n=1653207797313&url=kolobok.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D1%82%D0%B8%2C%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B8%2C%20%D1%81%D0%B5%D0%BC%D1%8C%D1%8F%20%D0%B8%20%D0%BE%D1%82%D0%BD%D0%BE%D1%88%D0%B5%D0%BD%D0%B8%D1%8F%20-%20KOLOBOK.UA&zyx=600588808

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d64eec5a40430a3540d6e7730ed54a0e656d2c6bce22ef605eb55598497acd8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kolobok.ua/
Origin: https://kolobok.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56443
x-xss-protection: 0
server: cafe
etag: 12247203475389495424
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 22 May 2022 08:23:17 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205170101/ 310 KB
111 KB 164ms
75ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=kolobok.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0838aea55339bff6c16beb8916926a5f20f6e8f90e46aeeddfabf07883505398

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113363
x-xss-protection: 0
server: cafe
etag: 2105737705204956689
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 22 May 2022 08:23:17 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220518/r20190131/ Frame 8CFD 10 KB
5 KB 134ms
41ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220518/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 34938
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 May 2022 22:40:59 GMT
etag: 1428802124239944296
expires: Sat, 04 Jun 2022 22:40:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/46506/ Frame 59FE 738 B
396 B 122ms
121ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache: HIT
cache-control: max-age=31622400
content-encoding: gzip
content-type: text/html
date: Sun, 22 May 2022 08:23:17 GMT
etag: W/"62824272-2e2"
expires: Wed, 17 May 2023 12:25:26 GMT
last-modified: Mon, 16 May 2022 12:24:18 GMT
server: nginx
vary: Accept-Encoding
x-cached-since: 2022-05-16T12:25:26+00:00
x-id: fr5-up-gc33

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
435 B 113ms
37ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-82254946-1&cid=1093733952.1653207797&jid=1938252103&gjid=1137216856&_gid=1211622103.1653207797&_u=IEBAAEAAAAAAAC~&z=1608377822

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kolobok.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 22 May 2022 08:23:17 GMT
content-type: text/plain
access-control-allow-origin: https://kolobok.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 aa2512ff6693b19166bec7c94da309ba.jpg
exchange.informer.ua/assets/thumbnails/aa/ Frame 5B8B 7 KB
7 KB 71ms
69ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/aa/aa2512ff6693b19166bec7c94da309ba.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=smak
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: e8a48a1544e4335f3b2a0828302cf8060a576ea0e724c26af257fbfebc5c4f51

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=smak
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:13 GMT
last-modified: Sat, 21 May 2022 19:00:05 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "628936b5-1af2"
content-length: 6898
content-type: image/jpeg

GET
H2 200 ea40bb331b79d5b72abd0060042765e3.jpg
exchange.informer.ua/assets/thumbnails/ea/ Frame 5B8B 7 KB
7 KB 70ms
69ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/ea/ea40bb331b79d5b72abd0060042765e3.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=smak
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 3d0e0688bce02c69ba6b90992587f7b07a480ce525b34b1ff3a3206688cb9e5b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=smak
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:13 GMT
last-modified: Fri, 20 May 2022 13:50:08 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "62879c90-1b11"
content-length: 6929
content-type: image/jpeg

GET
H2 200 657de3c11d8d98ea18ca856764109c30.jpg
exchange.informer.ua/assets/thumbnails/65/ Frame 5B8B 8 KB
8 KB 119ms
117ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/65/657de3c11d8d98ea18ca856764109c30.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=smak
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: f41e6fb98e691f251a7c4942ac3eee706dd8bcdd33e03047c27e67591a382fc7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=smak
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:13 GMT
last-modified: Sun, 22 May 2022 08:21:03 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "6289f26f-1e79"
content-length: 7801
content-type: image/jpeg

GET
H2 200 ac898649d5a2b31dcce3b242cdd37aeb.jpg
exchange.informer.ua/assets/thumbnails/ac/ Frame 5B8B 8 KB
8 KB 176ms
175ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/ac/ac898649d5a2b31dcce3b242cdd37aeb.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=smak
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 1e2cdd35adb8491f57706ce297423b9bc436b9aabce0b35956c377847a0a17d2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=smak
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:13 GMT
last-modified: Sat, 21 May 2022 08:20:06 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "6288a0b6-1f38"
content-length: 7992
content-type: image/jpeg

GET
H2 200 6b3c9f872b35728f9bc0470928d9a3c9.jpg
exchange.informer.ua/assets/thumbnails/6b/ Frame 5B8B 7 KB
7 KB 177ms
176ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/6b/6b3c9f872b35728f9bc0470928d9a3c9.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=smak
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 0c98dfbf6932f27e0101df91561c8e1fd63a5ad8d09bbd809f36dd4f72acf4db

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=smak
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:13 GMT
last-modified: Fri, 20 May 2022 12:50:05 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "62878e7d-1ba9"
content-length: 7081
content-type: image/jpeg

GET
H2 200 9f288286e6709b02d0580468354ffa45.jpg
exchange.informer.ua/assets/thumbnails/9f/ Frame 45C5 8 KB
8 KB 134ms
131ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/9f/9f288286e6709b02d0580468354ffa45.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 1b08bb511bf3964f8d4de0fae228cbffba0c4f34c7cad68173ab6872c71893f2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=ivona
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:13 GMT
last-modified: Sat, 21 May 2022 11:41:07 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "6288cfd3-202c"
content-length: 8236
content-type: image/jpeg

GET
H2 200 5e94a91bf9244d1e5198d9406abc178a.jpg
exchange.informer.ua/assets/thumbnails/5e/ Frame 45C5 5 KB
5 KB 134ms
132ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/5e/5e94a91bf9244d1e5198d9406abc178a.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 805e420bdc460b47e17b2003cdd0a02740a17c10e5e70213e01fc6bdf96d1566

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=ivona
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:13 GMT
last-modified: Sat, 21 May 2022 15:31:04 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "628905b8-1307"
content-length: 4871
content-type: image/jpeg

GET
H2 200 b3daa6430a680fe94ef8a0d148619637.jpg
exchange.informer.ua/assets/thumbnails/b3/ Frame 45C5 6 KB
6 KB 119ms
117ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/b3/b3daa6430a680fe94ef8a0d148619637.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 7b574c739c5edd85bd87bbf5cdd11d836a3cd763d6cdc73bfdd0062ba96eea0a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=ivona
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:13 GMT
last-modified: Sat, 21 May 2022 17:21:06 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "62891f82-1798"
content-length: 6040
content-type: image/jpeg

GET
H2 200 ab97d853739102417a0d47b3248a3574.jpg
exchange.informer.ua/assets/thumbnails/ab/ Frame 45C5 7 KB
8 KB 177ms
176ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/ab/ab97d853739102417a0d47b3248a3574.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 9a031ef206c3bca940371d11e5aee1f865b67b777edb3820e23b88b10b6b775a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=ivona
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:13 GMT
last-modified: Sun, 22 May 2022 07:21:02 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "6289e45e-1d87"
content-length: 7559
content-type: image/jpeg

GET
H2 200 1db8ce22365f1f5fd630e712b5e9cb86.jpg
exchange.informer.ua/assets/thumbnails/1d/ Frame 45C5 7 KB
7 KB 177ms
177ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/1d/1db8ce22365f1f5fd630e712b5e9cb86.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 7ee90132b9d717786fa4eed463178d308827d1b34a81972ac3e23bbfcdccd5da

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=ivona
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:13 GMT
last-modified: Sat, 21 May 2022 10:00:07 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "6288b827-1d79"
content-length: 7545
content-type: image/jpeg

GET
H2 200 1db8ce22365f1f5fd630e712b5e9cb86.jpg
exchange.informer.ua/assets/thumbnails/1d/ Frame 394B 7 KB
7 KB 135ms
135ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/1d/1db8ce22365f1f5fd630e712b5e9cb86.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 7ee90132b9d717786fa4eed463178d308827d1b34a81972ac3e23bbfcdccd5da

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=ivona
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:13 GMT
last-modified: Sat, 21 May 2022 10:00:07 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "6288b827-1d79"
content-length: 7545
content-type: image/jpeg

GET
H2 200 ab97d853739102417a0d47b3248a3574.jpg
exchange.informer.ua/assets/thumbnails/ab/ Frame 394B 7 KB
8 KB 135ms
134ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/ab/ab97d853739102417a0d47b3248a3574.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 9a031ef206c3bca940371d11e5aee1f865b67b777edb3820e23b88b10b6b775a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=ivona
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:13 GMT
last-modified: Sun, 22 May 2022 07:21:02 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "6289e45e-1d87"
content-length: 7559
content-type: image/jpeg

GET
H2 200 5e94a91bf9244d1e5198d9406abc178a.jpg
exchange.informer.ua/assets/thumbnails/5e/ Frame 394B 5 KB
5 KB 132ms
128ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/5e/5e94a91bf9244d1e5198d9406abc178a.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 805e420bdc460b47e17b2003cdd0a02740a17c10e5e70213e01fc6bdf96d1566

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=ivona
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:13 GMT
last-modified: Sat, 21 May 2022 15:31:04 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "628905b8-1307"
content-length: 4871
content-type: image/jpeg

GET
H2 200 9f288286e6709b02d0580468354ffa45.jpg
exchange.informer.ua/assets/thumbnails/9f/ Frame 394B 8 KB
8 KB 139ms
136ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/9f/9f288286e6709b02d0580468354ffa45.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 1b08bb511bf3964f8d4de0fae228cbffba0c4f34c7cad68173ab6872c71893f2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=ivona
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:13 GMT
last-modified: Sat, 21 May 2022 11:41:07 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "6288cfd3-202c"
content-length: 8236
content-type: image/jpeg

GET
H2 200 b3daa6430a680fe94ef8a0d148619637.jpg
exchange.informer.ua/assets/thumbnails/b3/ Frame 394B 6 KB
6 KB 139ms
136ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/b3/b3daa6430a680fe94ef8a0d148619637.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 7b574c739c5edd85bd87bbf5cdd11d836a3cd763d6cdc73bfdd0062ba96eea0a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=ivona
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:13 GMT
last-modified: Sat, 21 May 2022 17:21:06 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "62891f82-1798"
content-length: 6040
content-type: image/jpeg

GET
H2 200 b53_left.gif
i.bigmir.net/cnt/samples/default/ 319 B
492 B 238ms
65ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/samples/default/b53_left.gif
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: 35fd8976c95449e2fab9b80964acb6fbe8dd31c5989ad6b57a50e0a33065f4a1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:17 GMT
last-modified: Tue, 23 Jan 2007 13:14:26 GMT
server: nginx
etag: "45b60a32-13f"
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
content-length: 319
expires: Wed, 25 May 2022 08:23:17 GMT

GET
H2 200 b53_center.gif
i.bigmir.net/cnt/samples/default/ 96 B
267 B 238ms
66ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/samples/default/b53_center.gif
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: a9c66fdf1ceba24566394390e94faa182b2c23ab4c2df2faf2fdda296b4f4457

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:17 GMT
last-modified: Tue, 23 Jan 2007 13:14:25 GMT
server: nginx
etag: "45b60a31-60"
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
content-length: 96
expires: Wed, 25 May 2022 08:23:17 GMT

GET
H2 200 b53_right.gif
i.bigmir.net/cnt/samples/default/ 319 B
491 B 238ms
66ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/samples/default/b53_right.gif
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: de3e7fcab25d8103d31dea640867362bed737df932100d794426c96b03c4ac3d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:17 GMT
last-modified: Tue, 23 Jan 2007 13:14:26 GMT
server: nginx
etag: "45b60a32-13f"
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
content-length: 319
expires: Wed, 25 May 2022 08:23:17 GMT

GET
H2 200 impress Show response
ad.mox.tv/delivery/ 17 KB
9 KB 70ms
69ms XHR
application/json 185.180.220.208
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/delivery/impress?ctype=div&pzoneid=1566&height=300&width=400&tld=kolobok.ua&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=kolobok.ua&top_url=https%3A%2F%2Fkolobok.ua%2F&domain=kolobok.ua&url=https%3A%2F%2Fkolobok.ua%2F&referrer=&async=1&uid=7556289603
Requested by: Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1566&height=300&width=400&tld=kolobok.ua&ctype=div
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 15f309eaf246ab052ecf0cd7552fdad6220b26bdf73f32ac776ccd928b2df9b4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://kolobok.ua
date: Sun, 22 May 2022 08:23:17 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 124ms
41ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=202832543530482&ev=fb_page_view&dl=https%3A%2F%2Fkolobok.ua%2F&rl=&if=false&ts=1653207797744&sw=1600&sh=1200&at=

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Sun, 22 May 2022 08:23:17 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 167ms
50ms Script
application/x-javascript 92.122.146.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.146.218 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-146-218.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:17 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: 1889F9B3DBD6519F
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=10339
accept-ranges: bytes
content-length: 948
x-amz-id-2: 3UIrMqGlZwY0KhvMQZfloXs4nnkFTT22BMoy01WcRw0t941ypt5C/Q39M+UifAMgZfwuQP5iPnU=

GET /
exchange.informer.ua/informer/stat/ Frame 8FCC 0
0

GET /
exchange.informer.ua/informer/stat/ Frame 43A7 0
0

GET /
exchange.informer.ua/informer/stat/ Frame C3E8 0
0

GET
H2

200

rexdot.js Show response
gaua.hit.gemius.pl/__/_1653207797871/
Redirect Chain

https://gaua.hit.gemius.pl/_1653207797871/rexdot.js?l=100&id=bPo1vw7WgTER_71NnVvIbKPefSsu8CLmU5KMVTfFlKL.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fkolobok.ua%...
https://gaua.hit.gemius.pl/__/_1653207797871/rexdot.js?l=100&id=bPo1vw7WgTER_71NnVvIbKPefSsu8CLmU5KMVTfFlKL.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fkolobok....

169 B
474 B

58ms
58ms

Script
application/x-javascript

54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/__/_1653207797871/rexdot.js?l=100&id=bPo1vw7WgTER_71NnVvIbKPefSsu8CLmU5KMVTfFlKL.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fkolobok.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=qcQRUn7ICOyxDfLUwmtphnHcYpf3UH4Gf9Gwkie6o_z.f7McI1RrCoscLjQfLY1ZOkxPpcjSI6lvXl.hUAY3Smn.Z0ST/Oys67UXpb_9YN/&ltime=475&fpdata=BpYcFfv8Rrl3kucHbStotZoWG5TChFdjHBA7yK323dj.L7&fpcap=
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Server: 54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: 81c16a14b27fb0948e972b9682082c117b8515e30b7edc8144334e523ba41770

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 08:23:18 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 169
expires: Sat, 21 May 2022 08:23:18 GMT

Redirect headers

pragma: no-cache
date: Sun, 22 May 2022 08:23:17 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1653207797871/rexdot.js?l=100&id=bPo1vw7WgTER_71NnVvIbKPefSsu8CLmU5KMVTfFlKL.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fkolobok.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=qcQRUn7ICOyxDfLUwmtphnHcYpf3UH4Gf9Gwkie6o_z.f7McI1RrCoscLjQfLY1ZOkxPpcjSI6lvXl.hUAY3Smn.Z0ST/Oys67UXpb_9YN/&ltime=475&fpdata=BpYcFfv8Rrl3kucHbStotZoWG5TChFdjHBA7yK323dj.L7&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Sat, 21 May 2022 08:23:17 GMT

GET
H2 200 swiper-bundle.min.css
unpkg.com/swiper@7.3.0/ 15 KB
5 KB 163ms
68ms Stylesheet
text/css 2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@7.3.0/swiper-bundle.min.css

Requested by

Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1566&height=300&width=400&tld=kolobok.ua&ctype=div

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ca8fddb17d96df80923b284c7e07888f947eb3dd03974cd31e85f4d5e9dc6dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:18 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 15978804
fly-request-id: 01FMS77QYFR7T91A14VZPZC4YW
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"3ccb-bbg35pXUy1EXOpXHxlwOip0M+cE"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 70f426217e1701e3-ZRH

GET
H2 200 achernar.min.js Show response
ad.mox.tv/js/achernar/ 11 KB
4 KB 37ms
35ms Script
application/javascript 185.180.220.208
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/js/achernar/achernar.min.js
Requested by: Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1566&height=300&width=400&tld=kolobok.ua&ctype=div
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: fce742d7814055a224b9e7b2a36bccfba4547644a968e838bf0b9d2f730866dc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:17 GMT
content-encoding: gzip
last-modified: Mon, 21 Feb 2022 14:47:09 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"6213a5ed-2b1e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Sun, 22 May 2022 09:23:17 GMT

GET
H2 200 prebid.js Show response
ad.mox.tv/js/achernar/ 237 KB
71 KB 71ms
69ms Script
application/javascript 185.180.220.208
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/js/achernar/prebid.js
Requested by: Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1566&height=300&width=400&tld=kolobok.ua&ctype=div
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 09189199be93439c613190e75224b268784cf154b7ba7409fd7a73babc9326da

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:17 GMT
content-encoding: gzip
last-modified: Fri, 22 Apr 2022 10:13:13 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"62627fb9-3b3ea"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Sun, 22 May 2022 09:23:17 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 82 KB
29 KB 138ms
48ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1566&height=300&width=400&tld=kolobok.ua&ctype=div

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2f6aa26135e6be510a5c65a2d9df4205090aeef4756766026e1b389969fe2c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28589
x-xss-protection: 0
server: sffe
etag: "1222 / 505 of 1000 / last-modified: 1653084304"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 22 May 2022 08:23:17 GMT

GET
H2 200 swiper-bundle.min.js Show response
unpkg.com/swiper@7.3.0/ 132 KB
38 KB 170ms
77ms Script
application/javascript 2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@7.3.0/swiper-bundle.min.js

Requested by

Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1566&height=300&width=400&tld=kolobok.ua&ctype=div

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

159c24eb0b9d044c0507e36e693d0ff23bbb990ae90523cc25f3683253ee43d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:18 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 15978846
fly-request-id: 01FMS76ETJSXZKGZGFZVHH4A5S
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"211c1-rxAEOIj0DtL1iihSDpsruCFXSHs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 70f426217e1901e3-ZRH

GET
H2 200 mwayss_invocation.min.css
ad.mox.tv/mox/ 3 KB
850 B 112ms
110ms Stylesheet
text/css 185.180.220.208
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/mox/mwayss_invocation.min.css
Requested by: Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1566&height=300&width=400&tld=kolobok.ua&ctype=div
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:17 GMT
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 14:52:51 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"5ee0f3c3-a0a"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 p-gsmZhdaUra0N6.gif
pixel.quantserve.com/pixel/ 35 B
372 B 164ms
41ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-gsmZhdaUra0N6.gif

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 08:23:18 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 magic.png
bgstats.mox.tv/ 0
66 B 116ms
35ms Image
image/png 167.71.9.19
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bgstats.mox.tv/magic.png
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 167.71.9.19 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:17 GMT
server: nginx/1.14.0 (Ubuntu)
content-length: 0
content-type: image/png

GET
H2

200

sync
ad.vidver.to/delivery/
Redirect Chain

https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=39ad68b6-4907-4603-8bbc-df4a35efd1ab&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=39ad68b6-4907-4603-8bbc-df4a35efd1ab&gdpr=0&gdpr_consent=
https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dprodoohmox%26bsw_param%3D59d1f829-8fe7-4e07-8b1b-6d1fc3d7...
https://x.bidswitch.net/sync?dsp_id=80&user_id=aae46289-f2f6-4000-b79c-fe21c678649d&expires=30&ssp=prodoohmox&bsw_param=59d1f829-8fe7-4e07-8b1b-6d1fc3d74214&gdpr=0&gdpr_consent=
https://ad.mox.tv/delivery/sync?userid=59d1f829-8fe7-4e07-8b1b-6d1fc3d74214
https://ad.mediawayss.com/delivery/sync?userid=59d1f829-8fe7-4e07-8b1b-6d1fc3d74214&inner_redirect=1&inner_uuid=39ad68b6-4907-4603-8bbc-df4a35efd1ab&redirect_host_list=YWQub3V0c3RyZWFtLnRvZGF5LGFkL...
https://ad.outstream.today/delivery/sync?userid=59d1f829-8fe7-4e07-8b1b-6d1fc3d74214&inner_redirect=1&inner_uuid=39ad68b6-4907-4603-8bbc-df4a35efd1ab&redirect_host_list=YWQuYWRvcHgubmV0LGFkLmludmFt...
https://ad.adopx.net/delivery/sync?userid=59d1f829-8fe7-4e07-8b1b-6d1fc3d74214&inner_redirect=1&inner_uuid=39ad68b6-4907-4603-8bbc-df4a35efd1ab&redirect_host_list=YWQuaW52YW1pYS5jb20sYWQudmlkdmVydG...
https://ad.invamia.com/delivery/sync?userid=59d1f829-8fe7-4e07-8b1b-6d1fc3d74214&inner_redirect=1&inner_uuid=39ad68b6-4907-4603-8bbc-df4a35efd1ab&redirect_host_list=YWQudmlkdmVydG8uaW8sYWQudmlkdmVy...
https://ad.vidverto.io/delivery/sync?userid=59d1f829-8fe7-4e07-8b1b-6d1fc3d74214&inner_redirect=1&inner_uuid=39ad68b6-4907-4603-8bbc-df4a35efd1ab&redirect_host_list=YWQudmlkdmVyLnRv
https://ad.vidver.to/delivery/sync?userid=59d1f829-8fe7-4e07-8b1b-6d1fc3d74214&inner_redirect=1&inner_uuid=39ad68b6-4907-4603-8bbc-df4a35efd1ab&redirect_host_list=

0
482 B

140ms
42ms

Image
text/html

190.2.151.10
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidver.to/delivery/sync?userid=59d1f829-8fe7-4e07-8b1b-6d1fc3d74214&inner_redirect=1&inner_uuid=39ad68b6-4907-4603-8bbc-df4a35efd1ab&redirect_host_list=
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Server: 190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-151-10.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 22 May 2022 08:23:20 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

Redirect headers

location: https://ad.vidver.to/delivery/sync?userid=59d1f829-8fe7-4e07-8b1b-6d1fc3d74214&inner_redirect=1&inner_uuid=39ad68b6-4907-4603-8bbc-df4a35efd1ab&redirect_host_list=
date: Sun, 22 May 2022 08:23:20 GMT
server: nginx/1.14.0 (Ubuntu)
access-control-allow-origin: *
content-type: text/html; charset=UTF-8

GET
H/1.1 400
Bad Request s
h.holder.com.ua/ 0
0 231ms
74ms Script
text/plain 91.198.36.35
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to

Full URL: https://h.holder.com.ua/s?ta&bholder_300x100_6255&c1&r15864751&dholder1584315929&hhttps%3A//kolobok.ua/
Requested by: Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 22 May 2022 08:23:18 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 0

GET
H/1.1 400
Bad Request s
h.holder.com.ua/ 0
0 229ms
74ms Script
text/plain 91.198.36.35
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to

Full URL: https://h.holder.com.ua/s?ta&bholder_300x50_6256&c1&r15864751&dholder1466079092&hhttps%3A//kolobok.ua/
Requested by: Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 22 May 2022 08:23:18 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 0

GET
H/1.1 200
OK widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html Show response
platform.twitter.com/widgets/ Frame A935 319 KB
104 KB 47ms
46ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fkolobok.ua
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA0) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 143225
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105433
Content-Type: text/html; charset=utf-8
Date: Sun, 22 May 2022 08:23:17 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Sun, 15 May 2022 20:03:39 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6BA0)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H3

200

/
www.facebook.com/login/ Frame E44D
Redirect Chain

https://web.facebook.com/v3.2/plugins/page.php?adapt_container_width=true&app_id=202832543530482&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df36d...
https://web.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv3.2%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D202832543530482%26channel%3Dhttps%253A%252F%252Fstaticxx.fa...
https://www.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv3.2%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D202832543530482%26channel%3Dhttps%253A%252F%252Fstaticxx.fa...

0
0

164ms
121ms

Document
text/html

2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv3.2%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D202832543530482%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df36dd93feff728%2526domain%253Dkolobok.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fkolobok.ua%25252Ff2ae60309ab034c%2526relation%253Dparent.parent%26container_width%3D300%26height%3D345%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fkolobok.ua.group%252F%26locale%3Duk_UA%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D300&_rdc=1&_rdr

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js?hash=b3472b7ae319e5b2d9cd7ffaef97f205

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Sun, 22 May 2022 08:23:18 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=0
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: FSaON7YU9nOhcqXmCIHOX4AWSz0YL9LA5jzXTGED769nEs8XZabcYgY/Wfp/WlZz/jg4yPaebGbe6X1KDs2sXA==
x-fb-rlafr: 0
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/html; charset="utf-8"
date: Sun, 22 May 2022 08:23:18 GMT
location: https://www.facebook.com/login/?next=https%3A%2F%2Fweb.facebook.com%2Fv3.2%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D202832543530482%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df36dd93feff728%2526domain%253Dkolobok.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fkolobok.ua%25252Ff2ae60309ab034c%2526relation%253Dparent.parent%26container_width%3D300%26height%3D345%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fkolobok.ua.group%252F%26locale%3Duk_UA%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D300&_rdc=1&_rdr
priority: u=3,i
strict-transport-security: max-age=15552000; preload
x-fb-debug: yohxGwqVN8gEak4uQliBuP5n1r6XGrpexUppiAj6kZyOr2JtwdfKnmc1zWlMZGSguz/ubI1GTe7p01+GYRqUiA==
x-fb-zr-redirect: 02|1653294198|

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5cde4c546c360164/ 3 KB
1015 B 245ms
238ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5cde4c546c360164/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b1d76224d2d919a0d3e8950b5f754d60d84cb73037a463cdf0d61a52853757f6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:18 GMT
content-encoding: gzip
etag: -1347345604--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=60, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 838

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 90 B
250 B 209ms
200ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=6289f2f5fe300283&bkl=0&bl=1&pdt=889&sid=6289f2f5fe300283&pub=ra-5cde4c546c360164&rev=v8.28.8-wp&ln=ru&pc=men&cb=0&ab=-&dp=kolobok.ua&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=%D0%B1%D0%B5%D1%80%D0%B5%D0%BC%D0%B5%D0%BD%D0%BD%D0%BE%D1%81%D1%82%D1%8C%2C%D1%80%D0%BE%D0%B4%D1%8B%2C%D1%81%D0%BE%D0%B2%D0%B5%D1%82%D1%8B%20%D0%BF%D0%BE%20%D1%83%D1%85%D0%BE%D0%B4%D1%83%20%D0%B7%D0%B0%20%D1%80%D0%B5%D0%B1%D0%B5%D0%BD%D0%BA%D0%BE%D0%BC%2C%D0%B3%D1%80%D1%83%D0%B4%D0%BD%D0%BE%D0%B5%20%D0%B2%D1%81%D0%BA%D0%B0%D1%80%D0%BC%D0%BB%D0%B8%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%2C%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D0%BE%D0%B5%20%D0%BF%D0%B8%D1%82%D0%B0%D0%BD%D0%B8%D0%B5%2C%D0%BF%D0%BE%D0%BB%D0%BE%D0%B2%D0%BE%D0%B5%20%D1%80%D0%B0%D0%B7%D0%B2%D0%B8%D1%82%D0%B8%D0%B5%20%D1%83%20%D0%BF%D0%BE%D0%B4%D1%80%D0%BE%D1%81%D1%82%D0%BA%D0%BE%D0%B2%2C%D0%BE%D1%82%D0%BD%D0%BE%D1%88%D0%B5%D0%BD%D0%B8%D1%8F%20%D0%B2%20%D1%81%D0%B5%D0%BC%D1%8C%D0%B5%2C%D1%80%D0%B0%D0%B7%D0%B2%D0%B8%D0%B2%D0%B0%D1%8E%D1%89%D0%B8%D0%B5%20%D0%B8%D0%B3%D1%80%D1%8B%2C%D0%B4%D0%B5%D1%82%D1%81%D0%BA%D0%B8%D0%B5%20%D1%81%D0%BA%D0%B0%D0%B7%D0%BA%D0%B8%2C%D0%B4%D0%B5%D1%82%D1%81%D0%BA%D0%B8%D0%B5%20%D1%84%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%2C%D0%BF%D0%BE%D0%BB%D0%BE%D0%B2%D0%BE%D0%B5%20%D1%81%D0%BE%D0%B7%D1%80%D0%B5%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5&colc=1653207797919&jsl=8321&uvs=6289f2f5115d8fbc000&skipb=1&callback=addthis.cbs.jsonp__193858437942254550
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6561492582bbe081089adbfde7ec550328e05831d4e6966411e87efb3b6a9dc3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 08:23:18 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 90
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame F287 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 9367 71 KB
26 KB 73ms
72ms Document
text/html 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: public, max-age=86313600
content-encoding: gzip
content-length: 26421
content-type: text/html
date: Sun, 22 May 2022 08:23:17 GMT
etag: W/"5f971164-11adc"
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
p3p: CP="NON ADM OUR DEV IND COM STA"
server: nginx/1.15.8
strict-transport-security: max-age=15724800; includeSubDomains
timing-allow-origin: *
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 client.ru.min.json Show response
s7.addthis.com/l10n/ 6 KB
2 KB 170ms
42ms XHR
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/l10n/client.ru.min.json

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

fc1cee21376da3a4fdf8f62d3bb1d46c80c763d447da7e7c07112f45eee09d3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 10 Sep 2019 15:15:17 GMT
server: nginx/1.15.8
etag: W/"5d77be05-16d7"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, s-maxage=604800
date: Sun, 22 May 2022 08:23:18 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 2276

GET
H2 200 6e5e1d05f2497ec2e2c9e68245ad444f-quality_50Xresize_crop_1Xallow_enlarge_0Xw_367Xh_227.jpg
kolobok.ua/i/63/06/54/5/6306545/image_main/ 11 KB
11 KB 77ms
75ms Image
image/jpeg 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/i/63/06/54/5/6306545/image_main/6e5e1d05f2497ec2e2c9e68245ad444f-quality_50Xresize_crop_1Xallow_enlarge_0Xw_367Xh_227.jpg
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 0692722b63624ad9ff6c955228db259553745a12cea1ad597143c20ba5ec8c8c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:01 GMT
last-modified: Sat, 21 May 2022 18:16:48 GMT
server: nginx
etag: "62892c90-2c9a"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 11418
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 0093ee1f65fcfe812b26d21a571c35e2-quality_50Xresize_crop_1Xallow_enlarge_0Xw_367Xh_227.jpg
kolobok.ua/i/80/76/26/807626/ 9 KB
10 KB 77ms
76ms Image
image/jpeg 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/i/80/76/26/807626/0093ee1f65fcfe812b26d21a571c35e2-quality_50Xresize_crop_1Xallow_enlarge_0Xw_367Xh_227.jpg
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 790bbddbc6772d94890e12c60ae68ca3985faae758e457c95b52b323920d1ab1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:01 GMT
last-modified: Wed, 21 Aug 2019 19:45:42 GMT
server: nginx
etag: "5d5d9f66-25f7"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 9719
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 910858760ca16a7d46b3722558d00073-quality_50Xresize_crop_1Xallow_enlarge_0Xw_367Xh_227.jpg
kolobok.ua/i/63/05/22/3/6305223/image_main/ 14 KB
14 KB 77ms
76ms Image
image/jpeg 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/i/63/05/22/3/6305223/image_main/910858760ca16a7d46b3722558d00073-quality_50Xresize_crop_1Xallow_enlarge_0Xw_367Xh_227.jpg
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 1dd99df74c4660bbb4e5ce3f58670937863174b0197255465d79d35c3a0d1f05

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:01 GMT
last-modified: Thu, 19 May 2022 20:16:07 GMT
server: nginx
etag: "6286a587-372a"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 14122
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 91f701605b555012b8cd9f467c03e7f0-quality_50Xresize_crop_1Xallow_enlarge_0Xw_367Xh_227.jpg
kolobok.ua/i/54/85/65/3/5485653/image_main/ 10 KB
10 KB 78ms
77ms Image
image/jpeg 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/i/54/85/65/3/5485653/image_main/91f701605b555012b8cd9f467c03e7f0-quality_50Xresize_crop_1Xallow_enlarge_0Xw_367Xh_227.jpg
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: fe5f400fda141524f7440048ef4643dbd06fffce0ab780b64495c708411dd0b8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:01 GMT
last-modified: Sat, 23 Oct 2021 07:20:28 GMT
server: nginx
etag: "6173b7bc-2680"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 9856
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 c3fc1024f9c9d153b18724eda05d99ac-quality_50Xresize_crop_1Xallow_enlarge_0Xw_367Xh_227.jpg
kolobok.ua/i/81/00/55/810055/image_main/ 31 KB
31 KB 78ms
78ms Image
image/jpeg 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/i/81/00/55/810055/image_main/c3fc1024f9c9d153b18724eda05d99ac-quality_50Xresize_crop_1Xallow_enlarge_0Xw_367Xh_227.jpg
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: bbdb0a6b1bb666b306003d75635d4d331c9909ca6bd12aac1d52bb6893941780

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:01 GMT
last-modified: Thu, 20 May 2021 11:17:32 GMT
server: nginx
etag: "60a6454c-7adf"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 31455
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 214 B
644 B 151ms
50ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=kolobok.ua&callback=_gfp_s_&client=ca-pub-3755662197386269

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=kolobok.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

90b0b4ee3790f67389fd0da7a5454e18ca3b8b8de0733e83fa6ab9f00ddb99c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 200
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 154ms
55ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=kolobok.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 May 2022 08:23:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 153ms
55ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=kolobok.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 May 2022 08:23:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 81ms
80ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fkolobok.ua%2F&tn=NAV&cls=top-navbar%20navbar%20navbar-expand-lg%20navbar-light%20bg-light%20fixed-top%20kids_pattern%20justify-content-between%20justify-content-lg-center%20align-items-end&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 08:23:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7E58 0
19 B 218ms
130ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&adk=1812271804&adf=3025194257&lmt=1653207797&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653207797446&bpp=2&bdt=660&idt=496&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1405577575837&frm=20&pv=2&ga_vid=1093733952.1653207797&ga_sid=1653207798&ga_hid=476014890&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792&oid=2&pvsid=2859785435953071&pem=858&tmod=553788700&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=517

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 22 May 2022 08:23:18 GMT
expires: Sun, 22 May 2022 08:23:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 z Show response
s.znctrack.net/ Frame C1C9 50 KB
23 KB 351ms
134ms XHR
text/javascript 185.187.81.40
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.znctrack.net/z
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: 6229426dc56696a83cf13fb494d69bb4f7d6c7a53c425d37a90fe09b0a5ffb32

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 22 May 2022 08:23:18 GMT
content-encoding: gzip
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: X-Location, X-Meta-Status, X-Set-Cookie, X-Cookie, X-Check
cache-control: no-cache, no-store
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 23335
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 add-view Show response
api.phnx.click/articles/stat/ 39 B
246 B 260ms
120ms XHR
application/json 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.phnx.click/articles/stat/add-view?cid=11&site=kolobok&aid=807247&0.025364873315274483
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.0/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: c24f37ff564a8fad4604b9fb74aac57958b6f0e3ae724595e726cdfbfdee11d7

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://kolobok.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://kolobok.ua
date: Sun, 22 May 2022 08:26:01 GMT
content-encoding: gzip
server: nginx
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=UTF-8

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EA99 113 KB
40 KB 428ms
403ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=6666085438&adk=3555305732&adf=3818598067&pi=t.ma~as.6666085438&w=728&lmt=1653207798&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653207797450&bpp=2&bdt=665&idt=552&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1405577575837&frm=20&pv=1&ga_vid=1093733952.1653207797&ga_sid=1653207798&ga_hid=476014890&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792&oid=2&pvsid=2859785435953071&pem=858&tmod=553788700&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RszSZNo5G4&p=https%3A//kolobok.ua&dtd=574

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c19222d9407900ab1e447dff7f37b680a5fa2b38fb476023fd683de540fee64c

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13222403947336152692/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13222403947336152692/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLSXsfzW8vcCFSYGigMdb5sJIA&gqi=9vKJYpj3BMaR9fgP9_a1yAk&layout=/sadbundle/%24csp%253Der3%24/13222403947336152692/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 41379
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13222403947336152692/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13222403947336152692/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLSXsfzW8vcCFSYGigMdb5sJIA&gqi=9vKJYpj3BMaR9fgP9_a1yAk&layout=/sadbundle/%24csp%253Der3%24/13222403947336152692/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 22 May 2022 08:23:18 GMT
expires: Sun, 22 May 2022 08:23:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AC94 109 KB
35 KB 527ms
527ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=1979561508&adk=2236407440&adf=59350530&pi=t.ma~as.1979561508&w=300&lmt=1653207798&psa=0&format=300x600&url=https%3A%2F%2Fkolobok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653207797452&bpp=1&bdt=666&idt=609&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1405577575837&frm=20&pv=1&ga_vid=1093733952.1653207797&ga_sid=1653207798&ga_hid=476014890&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=363&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792&oid=2&pvsid=2859785435953071&pem=858&tmod=553788700&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=FGIZVajpKH&p=https%3A//kolobok.ua&dtd=614

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3f74fa7aec1b48cc29ab95fcdd73b2cb600b1cfd5ffbf167c99547e2d60eddc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 36082
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 22 May 2022 08:23:18 GMT
expires: Sun, 22 May 2022 08:23:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK dsp.aspx Show response
inv-nets.admixer.net/ 222 B
675 B 133ms
42ms Script
application/javascript 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=6780662190778164&cpv=0bb2ac4b-e9b2-529f-a267-7280d2943332&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22bf7a5b63-a0e4-aa00-38e0-784e5ad96385%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fkolobok.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22909c4de5-18dc-01a5-9bec-bc2783c21a01%22%2C%22tagid%22%3A%228ea486a5-d161-46a5-a5a4-b1d24d77a9af%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer1836467761%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22admixer%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

491dd755fbd781902dba76933115fce6ed5850fea6b03c4dc46f66e5054010ac

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 22 May 2022 08:23:18 GMT
Content-Encoding: gzip
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 202
X-Xss-Protection: 0

GET
H2 200 settings Show response
syndication.twitter.com/ Frame A935 278 B
460 B 244ms
149ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=6f2a4327f07f301536e73ae9dff74049c083ceac

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fkolobok.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

d342be7b065b36dd1e6856bcf5a432b5d2c277d27555391ddefbf1df3edb0fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 106
date: Sun, 22 May 2022 08:23:17 GMT
content-encoding: gzip
last-modified: Sun, 22 May 2022 08:23:18 GMT
server: tsa_f
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 40c5cda139f6a09d6f2dce506c463329889a2fd5f8c65002daa64c0b3ffd1465
content-length: 179

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f

Request headers

Referer
Origin: https://kolobok.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 pubads_impl_2022051801.js Show response
securepubads.g.doubleclick.net/gpt/ 367 KB
125 KB 137ms
43ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051801.js?cb=31067689

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

71f7b22f7b615b6a6cb2240ba7516fb2e83d2028607d5983fd64d1b755fd11f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:22:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127552
x-xss-protection: 0
last-modified: Wed, 18 May 2022 08:34:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 22 May 2023 08:22:23 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 297 B
781 B 143ms
51ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=kolobok.ua

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

22da82d1cbd97e36fa29018fc8a8669d238cd378094f1217814ddcf51f85ced3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 May 2022 08:23:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 144
x-xss-protection: 0
expires: Sun, 22 May 2022 08:23:18 GMT

GET
H2 200 e1eee23f36481a69453f.b.js Show response
cdn.admixer.net/scripts3/46506/ 28 KB
11 KB 153ms
153ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/46506/e1eee23f36481a69453f.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc33
date: Sun, 22 May 2022 08:23:18 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 12:24:20 GMT
server: nginx
etag: W/"62824274-702f"
vary: Accept-Encoding
x-cached-since: 2022-05-16T12:25:26+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 17 May 2023 12:25:26 GMT

GET
H2 200 fdabe098f34289659a17.b.js Show response
cdn.admixer.net/scripts3/46506/ 42 KB
18 KB 144ms
143ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/46506/fdabe098f34289659a17.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc33
date: Sun, 22 May 2022 08:23:18 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 12:24:21 GMT
server: nginx
etag: W/"62824275-a793"
vary: Accept-Encoding
x-cached-since: 2022-05-16T12:25:26+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 17 May 2023 12:25:26 GMT

GET
H2 200 84011c43c3075e543c6d.b.js Show response
cdn.admixer.net/scripts3/46506/ 13 KB
5 KB 151ms
149ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/46506/84011c43c3075e543c6d.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc33
date: Sun, 22 May 2022 08:23:18 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 12:24:13 GMT
server: nginx
etag: W/"6282426d-326c"
vary: Accept-Encoding
x-cached-since: 2022-05-16T12:25:26+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 17 May 2023 12:25:26 GMT

GET
H2 200 7103cce7fa6705169441.b.js Show response
cdn.admixer.net/scripts3/46506/ 11 KB
4 KB 154ms
153ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/46506/7103cce7fa6705169441.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc33
date: Sun, 22 May 2022 08:23:18 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 12:24:12 GMT
server: nginx
etag: W/"6282426c-2a79"
vary: Accept-Encoding
x-cached-since: 2022-05-16T12:25:26+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 17 May 2023 12:25:26 GMT

GET
H2 200 5927ef40e4a80e0040be.b.js Show response
cdn.admixer.net/scripts3/46506/ 215 KB
74 KB 165ms
164ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/46506/5927ef40e4a80e0040be.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc33
date: Sun, 22 May 2022 08:23:18 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 12:24:11 GMT
server: nginx
etag: W/"6282426b-35ac7"
vary: Accept-Encoding
x-cached-since: 2022-05-16T12:25:26+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 17 May 2023 12:25:26 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 57ms
56ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Sun, 22 May 2022 08:23:18 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 204 /
loadercdn.net/ 0
170 B 237ms
69ms Image
text/plain 185.187.81.40
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadercdn.net/?r=1&u=330af51ee8d9f064&d=kolobok.ua
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 22 May 2022 08:23:18 GMT
server: openresty

GET
H/1.1 200
OK moment~timeline.55634fd8bf871f86dbe537f50a41349e.js Show response
platform.twitter.com/js/ 25 KB
8 KB 46ms
46ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline.55634fd8bf871f86dbe537f50a41349e.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BBA) /
Resource Hash: 4fce02aef5542a40509dce7f66aec864d7a2a070ac671b06ed235cbcd4743821

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 22 May 2022 08:23:18 GMT
Content-Encoding: gzip
Age: 143226
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 8084
x-tw-cdn: VZ
Last-Modified: Sun, 15 May 2022 20:03:32 GMT
Server: ECS (amb/6BBA)
Etag: "8d39588ffce9da16e8e735f3fdd8f990+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK timeline.2002b66aa236ee3e1e6728119a7c4b98.js Show response
platform.twitter.com/js/ 20 KB
7 KB 92ms
46ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.2002b66aa236ee3e1e6728119a7c4b98.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B80) /
Resource Hash: a37d848620d81a5fd27dff6e15af34f37fd05384f7d5337053c98efd0fe5a7d7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 22 May 2022 08:23:18 GMT
Content-Encoding: gzip
Age: 143215
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 6371
x-tw-cdn: VZ
Last-Modified: Sun, 15 May 2022 20:03:32 GMT
Server: ECS (amb/6B80)
Etag: "57d65599f609862f8724a6a6475c8c7a+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
DATA 200
OK truncated
/ 211 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 363832ce22d752de90a8074c063a729895ac3cf4c5650e1a5b82cfe2f5ee7674

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H/1.1 200
OK prebid.1.2.aspx Show response
inv-nets.admixer.net/ 42 B
500 B 43ms
43ms XHR
text/javascript 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Host: ad.mox.tv
URL: https://ad.mox.tv/js/achernar/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://kolobok.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 22 May 2022 08:23:18 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: https://kolobok.ua
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 131ms
49ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=kolobok.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051801.js?cb=31067689

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 May 2022 08:23:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 134ms
50ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=kolobok.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051801.js?cb=31067689

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 May 2022 08:23:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
10 KB 575ms
492ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2859785435953071&correlator=1132771910425761&eid=31067689&output=ldjh&gdfp_req=1&vrg=2022051801&ptt=17&impl=fifs&iu_parts=21986089839%3A22434891267%2Civm_display%2Civm_kolobok.ua_S_WW_300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=4&adks=1369039488&sfv=1-0-38&ecs=20220522&fsapi=false&prev_scp=mt_fln%3D0.3&sc=1&cookie=ID%3D23cf48df19e84f70-2204a2f798cd0020%3AT%3D1653207798%3ART%3D1653207798%3AS%3DALNI_MbT8WMz5JZj0Pf5O25L43Ri5EBU8A&abxe=1&dt=1653207798471&lmt=1653207798&dlt=1653207796786&idt=1624&biw=1600&bih=1200&adxs=750&adys=1208&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fkolobok.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=900x-1&msz=900x-1&fws=516&ohw=0&ga_vid=1093733952.1653207797&ga_sid=1653207798&ga_hid=476014890&ga_fc=true&btvi=1&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051801.js?cb=31067689

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

5012b288372c78879828e7e91d43af58b9da264ef5311dae959ed73818c3d9ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10056
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kolobok.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 40 KB
10 KB 431ms
348ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2859785435953071&correlator=1132771910425761&eid=31067689&output=ldjh&gdfp_req=1&vrg=2022051801&ptt=17&impl=fifs&iu_parts=21830442390%3A22434891267%2Ckolobok.ua_S_WW_%2C300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=5&adks=3265072390&sfv=1-0-38&ecs=20220522&fsapi=false&sc=1&cookie=ID%3D23cf48df19e84f70-2204a2f798cd0020%3AT%3D1653207798%3ART%3D1653207798%3AS%3DALNI_MbT8WMz5JZj0Pf5O25L43Ri5EBU8A&abxe=1&dt=1653207798477&lmt=1653207798&dlt=1653207796786&idt=1624&biw=1600&bih=1200&adxs=1650&adys=1208&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fkolobok.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=900x-1&msz=900x-1&fws=516&ohw=0&ga_vid=1093733952.1653207797&ga_sid=1653207798&ga_hid=476014890&ga_fc=true&btvi=2&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051801.js?cb=31067689

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

2b6a43906e4f8419ea323898ce801894bcbee8a48e30b50d6fe232398c48ffe3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10480
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kolobok.ua
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
10 KB 428ms
345ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2859785435953071&correlator=1132771910425761&eid=31067689&output=ldjh&gdfp_req=1&vrg=2022051801&ptt=17&impl=fifs&iu_parts=52555387%3A22434891267%2Ckolobok.ua_S_WW_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=6&adks=595125205&sfv=1-0-38&ecs=20220522&fsapi=false&prev_scp=yb_ab%3Db%26yb_dc%3Dd%26yb_mx%3Dm173%26yb_tt%3Dtt6%26yb_ff%3D1%26yb_th%3D0%26yb_tm%3D23%26yb_wd%3D0&sc=1&cookie=ID%3D23cf48df19e84f70-2204a2f798cd0020%3AT%3D1653207798%3ART%3D1653207798%3AS%3DALNI_MbT8WMz5JZj0Pf5O25L43Ri5EBU8A&abxe=1&dt=1653207798480&lmt=1653207798&dlt=1653207796786&idt=1624&biw=1600&bih=1200&adxs=2550&adys=1208&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fkolobok.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=900x-1&msz=900x-1&fws=516&ohw=0&ga_vid=1093733952.1653207797&ga_sid=1653207798&ga_hid=476014890&ga_fc=true&btvi=3&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051801.js?cb=31067689

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ff564a4b779efa8e5278c47aa31db9d552084e4b37cca70d0470e39e0d6f4f11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10052
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kolobok.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AB29 6 KB
4 KB 157ms
48ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051801.js?cb=31067689

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 22 May 2022 08:23:18 GMT
expires: Mon, 22 May 2023 08:23:18 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13222403947336152692/ Frame 5921 594 KB
187 KB 177ms
85ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13222403947336152692/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=6666085438&adk=3555305732&adf=3818598067&pi=t.ma~as.6666085438&w=728&lmt=1653207798&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653207797450&bpp=2&bdt=665&idt=552&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1405577575837&frm=20&pv=1&ga_vid=1093733952.1653207797&ga_sid=1653207798&ga_hid=476014890&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792&oid=2&pvsid=2859785435953071&pem=858&tmod=553788700&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RszSZNo5G4&p=https%3A//kolobok.ua&dtd=574

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b537ec724f66678291307a6f2d51e2e348519ef28a2f92468dd6dff0eb9481c4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 403558
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 190315
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Tue, 17 May 2022 16:17:20 GMT
expires: Wed, 17 May 2023 16:17:20 GMT
last-modified: Thu, 28 Apr 2022 09:24:45 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EA99 0
0 85ms
83ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CZh8c9vKJYrTECKaMqMwP77amgALzzpeaav7e4JPXD93ZHhABIMbgi3lgu4aAgNAKoAH0hfvWA8gBCakCWOMO4LD1tD6oAwHIA0iqBL4BT9CE_J-pMeahvVZmtHVB2orZfHy5pwx0BpgklDm5O7huoO58913lxNwve9hAeEsGlRlWqO1-A_SdRCSJSAfC1NNuGPo4Zsc7OQzOoBVeDXoaF81TvKKdVqYezrxWxNl7d5wfuQrmR6TZZU17LY5DOh30FqhytpRvseNcR4gODagS6hpDiMSc947uvbcUefRj8gd7wg3hDRMi5oDXYZL1BOTvyLYC9oNH3fUPLhxhRb9y4eUK-47bR8F6mt1gWMAE26CJ-PkDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_T5hCmoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCKnAjSCAkIgOGAcBABGB-ACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItMzc1NTY2MjE5NzM4NjI2ORgA&sigh=7OU-o0XW9M8&uach_m=[UACH]&template_id=419

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=6666085438&adk=3555305732&adf=3818598067&pi=t.ma~as.6666085438&w=728&lmt=1653207798&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653207797450&bpp=2&bdt=665&idt=552&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1405577575837&frm=20&pv=1&ga_vid=1093733952.1653207797&ga_sid=1653207798&ga_hid=476014890&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792&oid=2&pvsid=2859785435953071&pem=858&tmod=553788700&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RszSZNo5G4&p=https%3A//kolobok.ua&dtd=574
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 22 May 2022 08:23:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 22 May 2022 08:23:18 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/ Frame EA99 21 KB
9 KB 129ms
40ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fc62d99ca580e914d7af298fd36b6926ba2b1e6c97ab21be0f9022f9c665816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:18:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8611
x-xss-protection: 0
server: cafe
etag: 11030745046341915621
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Jun 2022 08:18:36 GMT

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 114 KB
8 KB 436ms
237ms Script
application/javascript 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_ua_kolobok_old&dnt=false&domain=kolobok.ua&lang=ru&screen_name=ua_kolobok&suppress_response_codes=true&t=1836897&tz=GMT%2B0000&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f /

Resource Hash

dc76f575703a2872a96148470cc3a04811b52167eb5c2283b9c8d145ac0b3211

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename=jsonp.jsonp
server-timing: "x-cache;desc= ,x-tw-cdn;desc=VZ",edge;dur=192
content-length: 7627
x-xss-protection: 0
access-contol-allow-origin: platform.twitter.com
x-response-time: 178
last-modified: Sun, 22 May 2022 08:23:18 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-connection-hash: 9a2a7e9ed6a9a6a7736623be57bcb46595442b6acb222b73297e9f9804f7cd4c
timing-allow-origin: *
x-transaction: 12e39a86031ef43c
expires: Sun, 22 May 2022 08:28:18 GMT

GET
H2 200 583c04eba622323b1bc7d6fda2f57e1e.js Show response
www.gstatic.com/mysidia/ Frame AC94 9 KB
4 KB 140ms
40ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/583c04eba622323b1bc7d6fda2f57e1e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=1979561508&adk=2236407440&adf=59350530&pi=t.ma~as.1979561508&w=300&lmt=1653207798&psa=0&format=300x600&url=https%3A%2F%2Fkolobok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653207797452&bpp=1&bdt=666&idt=609&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1405577575837&frm=20&pv=1&ga_vid=1093733952.1653207797&ga_sid=1653207798&ga_hid=476014890&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=363&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792&oid=2&pvsid=2859785435953071&pem=858&tmod=553788700&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=FGIZVajpKH&p=https%3A//kolobok.ua&dtd=614

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:38:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 153906
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3720
x-xss-protection: 0
last-modified: Wed, 11 May 2022 08:21:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 18 Aug 2022 13:38:12 GMT

GET
H2 200 a36a6991e2edaa3748bc04a0cd733c40.js Show response
www.gstatic.com/mysidia/ Frame AC94 59 KB
22 KB 173ms
74ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a36a6991e2edaa3748bc04a0cd733c40.js?tag=leadgen/snom_text

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4117e569a95c360fea94a335983c9f400881f69a6819dc2d2c0a22386145365

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 16 May 2022 18:25:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 482243
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22154
x-xss-protection: 0
last-modified: Wed, 11 May 2022 08:21:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 14 Aug 2022 18:25:55 GMT

GET
H2 200 fc31345c98083c03a221f59decf0a196.js Show response
www.gstatic.com/mysidia/ Frame AC94 15 KB
6 KB 142ms
43ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fc31345c98083c03a221f59decf0a196.js?tag=pingback

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f34383f0293f28938c6b08943c19efb698457b0564e92ef2e19ee96dc6b691ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 16 May 2022 23:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 465200
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6196
x-xss-protection: 0
last-modified: Wed, 11 May 2022 08:21:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 14 Aug 2022 23:09:58 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AC94 6 KB
1 KB 148ms
50ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%7CGoogle%20Sans%3A400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3cd114987bdc53fc937585b252e87ddd11b9b689cb2196483bff2fd0bfb6f7c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 22 May 2022 06:51:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 22 May 2022 08:23:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 22 May 2022 08:23:18 GMT

GET
H3 200 mdc_list_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame AC94 27 KB
7 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_list_min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a0610548e89956b26496552978f70638cbbba6f7d3fc204e137457a52d53f8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 21 May 2022 23:36:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31613
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6725
x-xss-protection: 0
server: cafe
etag: 4758454654811317262
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 22 May 2022 23:36:25 GMT

GET
H3 200 mdc_menu_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame AC94 51 KB
11 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_menu_min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd543b21d162ee922201fe54b79778548f8102ea91376960e856c069a135cb76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 21 May 2022 16:29:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57250
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11613
x-xss-protection: 0
server: cafe
etag: 2759356358486721826
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 22 May 2022 16:29:08 GMT

GET
H3 200 mdc_menu_surface.min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame AC94 18 KB
5 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_menu_surface.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35ef325738aec617e593976f23534b7d5b159f4642f24bc7c1bbbb40a7dc181f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 21 May 2022 18:30:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49962
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4905
x-xss-protection: 0
server: cafe
etag: 18373107336927916518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 22 May 2022 18:30:36 GMT

GET
H3 200 mdc_select_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame AC94 103 KB
19 KB 51ms
49ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_select_min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f61ce0d0d062c15912a8fd7067d050eb058a4947d7d516ffa6efc31fd32ea731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 21 May 2022 16:06:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58582
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19915
x-xss-protection: 0
server: cafe
etag: 10996637669125113147
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 22 May 2022 16:06:56 GMT

GET
H3 200 mdc_textfield_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame AC94 58 KB
10 KB 49ms
47ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_textfield_min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbd11d287d579b875f5ba1e88c62f56834dd8d925d7776fdc4eb201cf9aa5192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 21 May 2022 11:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76035
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10701
x-xss-protection: 0
server: cafe
etag: 7588401036457704084
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 22 May 2022 11:16:03 GMT

GET
H3 200 mdc_list_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame AC94 31 KB
3 KB 44ms
43ms Stylesheet
text/css 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_list_min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39473f41f6492001648e93d50aa18f14ae5e917cd9c93da48ec2dd50ca1f364b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 21 May 2022 20:50:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41592
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3297
x-xss-protection: 0
server: cafe
etag: 18113988596513574663
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 22 May 2022 20:50:06 GMT

GET
H3 200 mdc_menu_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame AC94 3 KB
884 B 46ms
44ms Stylesheet
text/css 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_menu_min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3c4a4057f02182efe3e8959561124f215a4a8e50e03257b71d550cbf74ecc4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 21 May 2022 18:30:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49962
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
server: cafe
etag: 14497039402300002370
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 22 May 2022 18:30:36 GMT

GET
H3 200 mdc_menu_surface_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame AC94 2 KB
733 B 45ms
43ms Stylesheet
text/css 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_menu_surface_min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

389090922185d81fe757eb0e033fccb17583e98a7dc5b9900a1dbd7bb49aafa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 07:00:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4980
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 708
x-xss-protection: 0
server: cafe
etag: 18268606943400439583
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 23 May 2022 07:00:18 GMT

GET
H3 200 mdc_select_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame AC94 37 KB
4 KB 47ms
45ms Stylesheet
text/css 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_select_min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5737b0c371611ffbda25040aefb4a72202b3f4f4223da5802f9841823f125ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 05:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4280
x-xss-protection: 0
server: cafe
etag: 17986137158686949241
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 23 May 2022 05:55:51 GMT

GET
H3 200 mdc_textfield_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame AC94 51 KB
5 KB 45ms
44ms Stylesheet
text/css 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_textfield_min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fb44f5faa5569cf002f97433c48ff5f53a0c6a181d3f67858c93a8379dbde0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 21 May 2022 20:41:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4972
x-xss-protection: 0
server: cafe
etag: 17552977722549843295
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 22 May 2022 20:41:33 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame AC94 2 KB
904 B 42ms
40ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:22:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Jun 2022 08:22:25 GMT

GET
H2 200 1385a2171f5970e37f9f63bcf3909b3e.js Show response
www.gstatic.com/mysidia/ Frame AC94 19 KB
8 KB 143ms
47ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1385a2171f5970e37f9f63bcf3909b3e.js?tag=exit_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

179bd260b04d747143d18832fb926561c74c62c655e85b61f962a9082ab9d57e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 16 May 2022 19:09:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 479622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8332
x-xss-protection: 0
last-modified: Wed, 11 May 2022 08:21:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 14 Aug 2022 19:09:36 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/ Frame AC94 21 KB
8 KB 87ms
55ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fc62d99ca580e914d7af298fd36b6926ba2b1e6c97ab21be0f9022f9c665816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:18:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8611
x-xss-protection: 0
server: cafe
etag: 11030745046341915621
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Jun 2022 08:18:36 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame AC94 3 KB
1 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:20:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Jun 2022 08:20:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AC94 135 KB
41 KB 150ms
58ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 22 May 2022 08:23:18 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame AC94 17 KB
7 KB 77ms
46ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:22:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7211
x-xss-protection: 0
server: cafe
etag: 2988716039725867132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Jun 2022 08:22:40 GMT

POST
H2 200 z Show response
s.znctrack.net/ Frame 99D8 102 B
447 B 72ms
72ms XHR
text/plain 185.187.81.40
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.znctrack.net/z
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: d2346fe1cea9d7410de2a0782a44ac91c3f838c4ab5a1d48cfc37addd77d5635

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-language: eyJ4LXBvc3QiOiIxIn0=
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 22 May 2022 08:23:18 GMT
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://kolobok.ua
access-control-expose-headers: X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 102

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3AAF 143 B
163 B 48ms
40ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=6666085438&adk=3555305732&adf=3818598067&pi=t.ma~as.6666085438&w=728&lmt=1653207798&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653207797450&bpp=2&bdt=665&idt=552&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1405577575837&frm=20&pv=1&ga_vid=1093733952.1653207797&ga_sid=1653207798&ga_hid=476014890&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792&oid=2&pvsid=2859785435953071&pem=858&tmod=553788700&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RszSZNo5G4&p=https%3A//kolobok.ua&dtd=574
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 823
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sun, 22 May 2022 08:09:35 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame EA99 3 KB
1 KB 130ms
40ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:20:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Jun 2022 08:20:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EA99 135 KB
41 KB 78ms
74ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 22 May 2022 08:23:18 GMT

GET
DATA 200
OK truncated
/ 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7683702fa7b021af2839f5ed4c2c009956332805b0c4e2c054346993fa2ec07b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 192 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 33d18e9820655d5e3df0d86a3e28b961f3767db98d06d2388b1d6ce19cb92c3f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 dinroundpro.woff2
kolobok.ua/fonts/ 35 KB
35 KB 75ms
75ms Font
application/octet-stream 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://kolobok.ua/fonts/dinroundpro.woff2
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/css/style.min.css?8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: a4ec23f627568cedd2389d195103767bc8abe6b78c1cc262e54c59492d14e834

Request headers

Referer: https://kolobok.ua/css/style.min.css?8
Origin: https://kolobok.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:26:02 GMT
last-modified: Fri, 07 Dec 2018 07:55:56 GMT
server: nginx
etag: "5c0a278c-8a10"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: https://kolobok.ua
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 35344
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5921 6 KB
643 B 136ms
51ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inter:800,700,500

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13222403947336152692/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7c646a843a8583d1d4d9176fe620e91e24851aed73600a2ee131d481a165935d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 22 May 2022 08:23:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 22 May 2022 08:23:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 22 May 2022 08:23:18 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 5921 16 KB
6 KB 66ms
41ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13222403947336152692/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 21 May 2022 23:28:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32091
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 22 May 2022 23:28:27 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 5921 26 KB
10 KB 68ms
43ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13222403947336152692/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 21 May 2022 16:13:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58179
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 22 May 2022 16:13:39 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/5322703313029564741/ Frame AC94 5 KB
5 KB 43ms
41ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5322703313029564741/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b75c0d4b0cfce1862e1151e7f828a9be270c3f688727b3fcd7bd7cfc13a1652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 18 May 2022 10:38:40 GMT
x-content-type-options: nosniff
age: 337478
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4954
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 15:01:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 18 May 2023 10:38:40 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3AAF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

157ms
156ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 22 May 2022 08:23:19 GMT
expires: Sun, 22 May 2022 08:23:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 22 May 2022 08:23:19 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame AC94 185 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e160069c6ad90b0add3720d36f0529793459fb0d966aa4d76959c090e7c5179e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AC94 0
22 B 74ms
74ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoMCAEqCFRvd2VyQWxsCgoIAioGc2VydmVyChsIBCoXZGlzcGxheV9sZWFkZ2VuXzVwX2N0cmwKLhohZGlzcGxheV9sZWFkX2Zvcm1fcXVlc3Rpb25fbnVtYmVyIQAAAAAAABBAMAEKDRArIQAAAAAAgE1AMAEKHxoScmRhX3RleHRfbGVhZF9mb3JtIQAAAAAAAPA_MAESGkNMV3NzdnpXOHZjQ0ZSQUhpZ01kN2g0TEd3IhFsZWFkZ2VuL3Nub21fdGV4dCgs

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fc31345c98083c03a221f59decf0a196.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 08:23:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AC94 0
22 B 73ms
72ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoMCAEqCFRvd2VyQWxsCgoIAioGc2VydmVyChsIBCoXZGlzcGxheV9sZWFkZ2VuXzVwX2N0cmwKDggDKgo2ODA4NzA3MDU1ChwaD3NpbmdsZV9yZWRpcmVjdCEAAAAAAADwPzABEhpDTFdzc3Z6Vzh2Y0NGUkFIaWdNZDdoNExHdyIRbGVhZGdlbi9zbm9tX3RleHQoLA==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fc31345c98083c03a221f59decf0a196.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 08:23:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AC94 0
0 86ms
86ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CHkop9vKJYrXZCZCOqMwP7r2s2AGN1NSEaqCzlbGbCpyTi5LEGxABIMbgi3lgu4aAgNAKoAHguqbfA8gBAakCWOMO4LD1tD6oAwHIA0iqBMIBT9CgADMmXCyIIR79t-atN1zLB9806bV5jwpKtEbv1q8l6JK5ONyCWkP6bvpa3r0UZPorPeXFtc4X_r976HmdQVe95Q3Fiu-A6NC0jND9LmCVzwyZg7X2Ea_gkB34Ys6Jyl8VypLjLJWmshmu9bG_AuGKIb11UhvIPwLuQKmm7D0Nr0z5-S5bwL2XwEjiM5CwdXSzZcUltH6B0e5kmfjZo0Y6k2ejWJwjN5WjllK1kS_JAOMrT58DT9B1Hfd3O9Ft2_rABJSLytq-AogF77_SrhmSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHiMXZIKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEELKmJ9IICQiA4YBwEAEYH4AKAcgLAbgT2TbYEw2IFAj6FCIKBQiSBDAhEPTzk-qRASICCAEiAggDIgIIAiICCAQwADgA0BUBmBYBgBcBshccChoIABIUcHViLTM3NTU2NjIxOTczODYyNjkYAA&sigh=Oz_uRDZpm40&uach_m=[UACH]&template_id=7001

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=1979561508&adk=2236407440&adf=59350530&pi=t.ma~as.1979561508&w=300&lmt=1653207798&psa=0&format=300x600&url=https%3A%2F%2Fkolobok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653207797452&bpp=1&bdt=666&idt=609&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1405577575837&frm=20&pv=1&ga_vid=1093733952.1653207797&ga_sid=1653207798&ga_hid=476014890&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=363&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792&oid=2&pvsid=2859785435953071&pem=858&tmod=553788700&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=FGIZVajpKH&p=https%3A//kolobok.ua&dtd=614
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 22 May 2022 08:23:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame AC94 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: da280991c552627b879229b0fba6bc25a355f2065399a8865938626af1a05913

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 76FC 6 KB
3 KB 125ms
41ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051801.js?cb=31067689

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 22 May 2022 08:23:18 GMT
expires: Mon, 22 May 2023 08:23:18 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 tracking
ad.mox.tv/delivery/ 51 B
51 B 50ms
50ms Image
text/html 185.180.220.208
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mox.tv/delivery/tracking?hash=UmVSd0trSUhpcEtEL0JEc0RMMXIwL0lKSVVTVlBLaDlzM3N4ZTFZMzNCbnYxZ1h4TXNpdnM1cmRTK3FoQysyaVNFVi85aHhYOWY1SjBLMHg2TWs1bEZxZ3hWd2NvL2hiV0ZmTXpQSUVrMmtBYnRJV2k1bXRhQ0ZwMjV2WTdPVnNjQWMxRXlhL3V4ZzJiRVR3N3VacC9WMjhLamVaUXFOUS9acmd0VURkejExRkpmWUZvQ3JxNHdkRVhTaFFQT2tlODJZaFRRTHd6TVdQMEY3K3g3bnhWcERnVGRyVXl2Y21Ya29zQ3BiUVRacDZrOVhOTTVlV0lhbXNnaERiS3BTYTVoOXRxSEphOEpxeGxZTS9UV1p0dnc9PQ%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 22 May 2022 08:23:19 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012204292129000/ Frame 134C 220 KB
61 KB 131ms
40ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012204292129000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051801.js?cb=31067689

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8438fcae135714383f2e8b95e9a173d7dae352e433c16c07ab158e6c88c489d0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 513491
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61295
x-xss-protection: 0
server: sffe
date: Mon, 16 May 2022 09:45:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c00c4adb72e5cb7f"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 16 May 2023 09:45:08 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012204292129000/v0/ Frame 134C 14 KB
5 KB 199ms
109ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012204292129000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051801.js?cb=31067689

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42bd99c9d9c85bebd6419be0bc7cab4bbdd98f3743d9c0bf7e3e62cd627cb581

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 513491
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5188
x-xss-protection: 0
server: sffe
date: Mon, 16 May 2022 09:45:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "176361d496ccc411"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 16 May 2023 09:45:08 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012204292129000/v0/ Frame 134C 94 KB
28 KB 206ms
116ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012204292129000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051801.js?cb=31067689

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a05fdfb3e658a59c3b08dc4d5787cf76826988866a1be0bac3710c7753640d1f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 513491
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28840
x-xss-protection: 0
server: sffe
date: Mon, 16 May 2022 09:45:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4b15b3c971f95798"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 16 May 2023 09:45:08 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012204292129000/v0/ Frame 134C 5 KB
2 KB 221ms
131ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012204292129000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051801.js?cb=31067689

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

742106aba0be6db1086baa20c675ca18298baf0eecf4f0ad7a99111be6796446

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 506640
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1906
x-xss-protection: 0
server: sffe
date: Mon, 16 May 2022 11:39:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a2652581fdabc981"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 16 May 2023 11:39:19 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012204292129000/v0/ Frame 134C 40 KB
13 KB 222ms
133ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012204292129000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051801.js?cb=31067689

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

151ca0dbdad0610cbb5b206a106dd32b5a5915325c96ec690652e0e47abf8465

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 513491
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12953
x-xss-protection: 0
server: sffe
date: Mon, 16 May 2022 09:45:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8a2450dae6a66803"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 16 May 2023 09:45:08 GMT

GET
DATA 200
OK truncated
/ Frame 134C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bdb60be78f00d5a6a47e8f392b929dac4a19864748dad3df291c2308856415aa

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 14183869281796361049
tpc.googlesyndication.com/simgad/ Frame 134C 42 KB
42 KB 42ms
42ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14183869281796361049?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkwpgNaS9oJkXIbwy0TK6_AOfTPwQ

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38cd795f2bfd4a2fb71248087f1378784a2499c9d73ff01d3d00d5a9ee8609c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 19 May 2022 08:53:34 GMT
x-content-type-options: nosniff
age: 257385
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42701
x-xss-protection: 0
last-modified: Fri, 23 Apr 2021 07:44:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 19 May 2023 08:53:34 GMT

GET
H3 200 ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 134C 3 KB
3 KB 41ms
40ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ru.png

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 05:59:37 GMT
x-content-type-options: nosniff
server: cafe
age: 8622
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6726277462267614359
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3041
x-xss-protection: 0
expires: Mon, 23 May 2022 05:59:37 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 134C 344 B
368 B 53ms
52ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 06:46:14 GMT
x-content-type-options: nosniff
server: cafe
age: 5825
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Mon, 23 May 2022 06:46:14 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 134C 0
0 49ms
48ms Image
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQwhC0cIfpyM7OLdCk6I76TzO9pib1IYwOi6iM34QwmOIk3VfC5aDNsvwxqBxdNETs5fZTgLBZSbL0JfKm98p56FZuo0g
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 134C 0
0 84ms
84ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CN_Ap9vKJYrrZJe6N9u8PrrKs0AnAoOTuaYiQ58PVD9_6taLbAhABIJm9v3Zgu4aAgNAKoAGf4-LMA8gBAqkCgL3IDMe4sT7gAgCoAwHIAwiqBOYBT9Al4Xi9cP_6MmfI1aC7gE8umh6CAqZVIJ8JasrjMd-s1-taFxg4xIz_s7IXG3aCixDSI9KizcKDhc23L9GrPkbTkZ9gujI9fFKNN6jqDdrSTufZa2foQj-Vu92_MN0EVYJYkCvbbKLCuCImo90wxmfHTUqVqrQKbkSdOjEojnSsidSwJsFwX15q7PhN0WHjU99sjwZbYYn7-dK9mZcKWy9PTtWQ-VE58VdObzyUN-TstGS5my7sIwCpvzzfFMe5wwVTQF0ggaYgrcv_ZGSvgNaNIxhgTV4ZjgtU9SBxMrvhxXoiqULABMaYh7X5A-AEAZIFBAgEGAGSBQQIBRgEoAYCgAfJnJ0zqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ-oUf0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0xOTgyNDQ4NDIyNDk4MjI5gAoDyAsB2BMN0BUBmBYBgBcBshceChwIABIUcHViLTMxMzI4OTM3MjU2MDM5MzUY7b5x&sigh=buW1xAvXo34&uach_m=[UACH]
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 tracking
ad.mox.tv/delivery/ 51 B
51 B 43ms
42ms Image
text/html 185.180.220.208
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mox.tv/delivery/tracking?hash=aXdnbHJOUjNxYW4yTDk5bDNzOHNYZHd0NWpqKzJPYnFSUncyTzk4SFUrTkdlYnJFUm83R1pUVmg5YUlYcHRCNEFUUFAzeS9rTU1HZWUydE1zckxhZnd1OTI5bElGejNtdkVvT1krak8vMWlud0NrbEhkTjhkWVBVVnZTMnd3NTVTZnVKM3MxeXBveDIwYTVXWThxUkp4MUhQSHM1STdqcHFaY1JhWG1PSXZBeE9zSkh3TTNtWjc5SFEvTkRTcG9uN2kyNE9JbTJ0RFFET2VETGJvSTVjL1dkemVNRUt5L2RLWVM5RnpId2VCcU5WbSszVHFiMitFWnFYY0xpZFFUOQ%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 22 May 2022 08:23:19 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame EA99 17 KB
7 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:18:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7211
x-xss-protection: 0
server: cafe
etag: 2988716039725867132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Jun 2022 08:18:08 GMT

GET
H2 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
fonts.gstatic.com/s/googlesans/v44/ Frame AC94 17 KB
17 KB 199ms
107ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v44/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%7CGoogle%20Sans%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6427934c2fee6637679ce5ec5b21bef778502d9a349d9739fefe3b8985a116b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 22:13:42 GMT
x-content-type-options: nosniff
age: 382177
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17148
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:15:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 May 2023 22:13:42 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame AC94 15 KB
15 KB 137ms
46ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%7CGoogle%20Sans%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 16 May 2022 11:07:47 GMT
x-content-type-options: nosniff
age: 508532
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 11:07:47 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ Frame AC94 9 KB
10 KB 130ms
40ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%7CGoogle%20Sans%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 16 May 2022 21:51:35 GMT
x-content-type-options: nosniff
age: 469904
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 21:51:35 GMT

GET
H2 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJlhpynSEg.woff2
fonts.gstatic.com/s/googlesans/v44/ Frame AC94 8 KB
8 KB 209ms
120ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v44/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJlhpynSEg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%7CGoogle%20Sans%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f848a290f961c843ef03cef1a88a70ed80158cae34a5ae44bd1c58d33fb9506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 22:38:09 GMT
x-content-type-options: nosniff
age: 380710
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8036
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:19:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 May 2023 22:38:09 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v11/ Frame 5921 37 KB
37 KB 155ms
80ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v11/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:800,700,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 17 May 2022 17:07:32 GMT
x-content-type-options: nosniff
age: 400547
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37716
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:29:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 May 2023 17:07:32 GMT

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ Frame CF8B 53 KB
12 KB 46ms
46ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B77) /
Resource Hash: 8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 22 May 2022 08:23:19 GMT
Content-Encoding: gzip
Age: 143228
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 12144
x-tw-cdn: VZ
Last-Modified: Sun, 15 May 2022 20:03:29 GMT
Server: ECS (amb/6B77)
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 47ms
47ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B77) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 22 May 2022 08:23:19 GMT
Content-Encoding: gzip
Age: 143228
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 12144
x-tw-cdn: VZ
Last-Modified: Sun, 15 May 2022 20:03:29 GMT
Server: ECS (amb/6B77)
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H3 200 container.html Show response
e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3E40 6 KB
3 KB 41ms
41ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051801.js?cb=31067689

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 22 May 2022 08:23:18 GMT
expires: Mon, 22 May 2023 08:23:18 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 tracking
ad.mox.tv/delivery/ 51 B
51 B 44ms
43ms Image
text/html 185.180.220.208
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mox.tv/delivery/tracking?hash=ZlFKRk1OMEpocVA5UGNodDUzTk5HRHZRdElmNVRoeG1BNUVzcWowbm9ZMVNiSCsyQnVxOWRGMHBIV3EzUDBjZklJYVVoVDhCeEY4VFNyb0p6Vzk5MFVXdThlNDYwTGE1RkJBUUhIRW5sbDMvRVhyblNwM2pnTEQ0RjllMXcxcVlweitVR3pxNEZ5ZkdjK2t0VzJvYkpBSHdjYlUwQUZId0VSV2ZkdXVNWUVEOFR5MlhpbXQ5QmU5STkxVjZjanFmMWJNSEk3MU5RWVl2TjJLZmFtRytHWmJ1bzhKZitrYUdiOGtqN3F0b3ZEcFd3QjZFUTVteGgwYlc5R3hkNENrdQ%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 22 May 2022 08:23:19 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 5921 26 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6519ce17427524115e58b3bf121a724b092637c77189bfc098c4af89f61fb99

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame EA99 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee2e0ab859a2b8ef9ff5b618be9e1bf0536f17fad6628085b07e2698dfbf070b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 omZMXr6F_normal.jpg
pbs.twimg.com/profile_images/905017721569640448/ Frame CF8B 2 KB
3 KB 132ms
30ms Image
image/jpeg 93.184.220.70
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/905017721569640448/omZMXr6F_normal.jpg

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.220.70 London, United Kingdom, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lhb/6330) /

Resource Hash

be6613dda2ca59c3d2725ef7c7205cf0141adf31c0a0ae159328f951b7ab247e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:19 GMT
x-content-type-options: nosniff
age: 531682
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 2415
x-response-time: 119
surrogate-key: profile_images profile_images/bucket/0 profile_images/905017721569640448
last-modified: Tue, 05 Sep 2017 10:38:13 GMT
server: ECS (lhb/6330)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 226467592336b2a2676a2fc330446ee76cde9eb31732ff16860f20c0fe76672c
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6E61 624 B
297 B 54ms
53ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2M4wEQh7-_nwMY8K6myQEwAQ&v=APEucNWez1xFxgkVxtHVHCu-dPUN5ujy055hY0cw4chTNBzGsiuUz10WgHnVEsY5cN2-j2F_qpJls9cAtew1KdT9fGamqe6AmxK2WlzlV1LJaMs5r5RPBBhn5U48eJFyvh-1_ya-yU-JmwHm_XkIHz9FO6lijjBFGs8FIljGHQoLxVZ8xJI9rFf7L3oyNwD9sVbngA7wP4pB

Requested by

Host: e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com
URL: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 22 May 2022 08:23:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 76FC 86 KB
33 KB 95ms
94ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C-9Jo2mvnT2opC9lW5qGqfpmzD5apxEgFyACr8gMXcLQPPd_ldMHLUlJP49V_tR7yZeG1lKx6jjgHOrUzeAJEiifmtI-DmUxTcZ8bJqxXyFYNFhSIQ-vlLcQQRM3FRA-Z86l50pTluOcSrIuQ48HCRqw45fQ&dbm_d=AKAmf-BkjxfHUhFh2PaqPOt04n6pC2XiEbLYYnOonQOyRTh9rVjZedz8o7xInDSKnwUiMJ9S3-dH85r1aY9DB6L1e6_W6vunVXQHxeDwZK1lTurmmD-QaFTJdt3ZzU40B8wKFJ56SvAILlGFkYjt6-6axE1_uBxow7vI8jPTFdfA9HOZV9cFwjEGEgDLvt2e_13VkK9FkMOEx2tS0JQVGVwOUNfLUjd2XQrPMhAK1RJtAMokg7U_9day1pK7rOCaklu_tUD1Lw4lKmGalW66P9x5cFbiLeR1vHFJLmDLXaNUFseV6GK-9s9brqeFqHojv_cOQyXQvk_9k1qIGNjurFX1WBWDYCbOclTdSOWnPP4rG0k5dOSuBgG4Fbljg88ZRlKivQA92nlNJlfvqRa5fB_5NqpsPuWw5b5tCY6Kb0DWzGRQnIX0iTTLojAKLk2Z2ruHd-Jcyt2KhH5xBdT2fkGXvhOQsL4Owaxm_DW2w0E-eRIeEcOq-TyCS7E7kciGJCSXZYVGW4jfPxskIF51Mcmo7abuAALjUARM78SBkYKtnSDNH-bSK6HOz2zI7-hfIRjU2vj7gKpsyPUr9ulSUZevE7f5HX8ArHF0Bq4A5LKLf7D-G_JaO6db5Bz81hhM5RGOt6YpF-Zosg9scH612OICQVC9-_AbvK5VogXq5PBLxAqjCdmwJVLh9S0HiMFQ7yz1Re2ehaH8DenmXA6kdSr-cNjoAfhG9U4oCxjcZHokwLZityS60qroyvQMUDLBXym5b4JvNpLav5kpKz1lKZz4JbxNEJ83z5Br1z0oO-M0ONmUP2-JvsvMnScXro3pf0uw714PGKuDnSUH6yhMVArwKzQXm5UNQgu2SJN4BbWqiUb8ztnTgDUE_aHv9Z1y3OZVo8vvIFnIY3t8-ixMLkREZQgC20m82rf5JaU5ganl-0DQUJRVK0JECjtEE4yxBuyMrlqnExDxjJfg5K542H5l5wnxS1v9n0FueKYmNHi5xo2Btx6E3MUwYOsvCvvfAmRn1TsopTyNUFYD6Urhifdgq0j6Nhsy3cBBBSIVRt34GnCJHfFFV-vKrCAS-MapSWbtH-0RJ5yOsNd9NldKi64ErD69C3GF5Lyo3KUMshogiUUDfzboiFG6EJn-HDO0xd4fBHsqAWgnXpniTY1mAfkJahcT3Sx3J0500VYyWLP6cF122OxHVU4z-Z9ZktzuET2q0t9CI379ytJtW9V5LBwbDebRox2sECcovpcSW9KU4Gp1TESV-7IXZCyx67Xim3wWsnLCMH_WY5MPst763nayXClgrBCThXQURAZ9N7K2FNduoc8kxI_2pVi_LXV-mMWI04izSsmEtshwae1h0qODDK_bs3Q585vdGY17oEdVe-H22voVgQjNlsvF5B3vahqiCcbK3UZYAcGJqZKAlDyxR5F-cKM3S_MSRFtchGjKj781DIqNL20qHVu6WtqFtGBYIRGRqEdmEDcy__kmyB9u1ruO0V2X9_wACFXpsXvX_G3PTvk8D6-jl2oSXgZKcWPcvJQ81KJTVxfvWKS2unFMeeFmHr_-hM3J_RlVULnMVCrEKI3KGM-owXuPlOGBhqB7_iaXB9gdL_b0l0qkTh4uiZ1XrSqr31S8GSdlTWec3XtojEguExRXUHY1iSWc3hCD8Bi5OapvlPM1NLczY-EqVxkwDDLRRtPt6ldXHvjaBN8hS4ysjm-cAFGqL-wwxC6tp_JMErsp7kN4-foG0JoTwrMIb3H3Hpr8Op6w0pojICqqcNfeTr6Emh-KAZwIuvC99e7hhnYgjc8gN3GmWCUsyhbsNYchQnUtcSNbj0AkPk7ACRcjijmPf-sHGkoy0vgiVsGbJriNnfXb3sqvEtzqysarXgOzTafp2vyN5w2H-kM-JBvohTlM2TUCfWC8qkv3iRJhNG5cQxRAPoZRYJwsgwHu5YA26LO8tQ-tAPUhPXdrTJg2Bw0wyD3D7VOjsjFuKkBIw8s6KT3Dl0yTWJjWdhdRv-Of6iCDodVhTqLAc3uEvbNHCjaKwfZCXO4dnIuAXi411MGELlgnGH66WKfkgkfV5J7scM289-LTxOk8T0Ufi_8sqUfRQ2hphpXUDYfsDlrCdmYDc15UfZVILdfKzHA569ICvadnb45KMhWQKyR34cCa3RvCh6wgBMiZmDxTAvbGtVIzSdAH4P9gWSXPHNjsEEAbuzm_YXya-yEa5L2ZxPwiv9ImDCDVKq6Y5YSKhsGzpcehZJPpax84SLREKizi7Nn-QUWWI6S5LCUefzxTCss8ARPbEJ4OGFMnFAnWU33mbqTaXleFSHq4GKBm1OIJI4dzZK6jE0wscRfhWbB_3_v0FCP0XQHOLAuaR-LSyowwDQ2h0KDa5hLSxSP2gn7jBagdlGunt4DtdHqaG5M9nIpbCaxnYhHJRswWFSbQg2FKk_GN0yta8u3WBHfDmZzJgzLy_4SQweBc6mMuBTMiJwdSUSsiC6RtqZ-WqD0nawDPtLxAEXxLO-NUK1LNhhiEtv4Lw1kS1LkPhS-g62GnozL6Lvi-YNakSbnEP8Hn89ip4XDslL5TsD_qEdfcnHayCGgydoA7U74jdHtGkFYTKTCXZNu0aWz5tvvlZMe3f1-ZQBon_vFJI9u0hj5kMm0_gxq-_hy3fFv6yAGz_XYwWaUpII1on20qffnup5A4zmdZIFupVGMx8LK3xP2ESz82qoEIOSbAs6GJvzPBK4ZRqBHKWESgMlFmhEKLIQ8ShnZln2HS4xfmJpSujkxa_w7p_5XYfYIVjPNp_KYvnFQyeR92yXnjr-T6X0k-a5gTlCykxpKJj9wj0FxrfBKMeVmaizZNMVsefSe9-NdV5qILbn42-THiFKEc4b6QOCopn5K19RyQ6Z3bDiyZrvJMjk0IZ7wCF5arofWMO_Gr_ZXxGePfShCZuDcQgzu7k4s3Sq6AIiiD_x6lVuMTSdsTUJcO7XgnrAASa9-EAw6BANpRq6ummujfZkZvB_elODmwBp05r-bwPqWhzXgR0zkg7Fj-KE5_VEO-HqxepCXqdWlYUnBAjHYFeHk1J5CmpY0XZ-Ilh-9us2RXX_5Fx2Qtx5jtN8X-ZbuCgSI4c63gr7N8QRi11QE3iDT_lIouNeS9VtEGuduHpWJ_RY8WXuIAIh6PR84frVHZbPntyt5eONdTOlbhFPLGdOeyzfdRF7m6KwoMylbrZqsZnF_qS4SPfKq8JBve5QkyDM0dlnLKOI575ApIkorVLQXT1doIUt3K0h1D5d3QlayDkPOZ9W4zPYubzsUZeUjGIIRlY0v_uuy0FlOgQ5taMp17tZ7nuIHle3338ECKti3sINXgSkyBEfpRfhgdf_iCo7dWjX61dwQDYj9DKa9aJltUAevwbRJU_aBaGcSPB2-6WTUGekugfz9STXuIsxu0ITVib9cftnoHi0fXCLRAhMRL8n-ypfZ-k_u4zS9YDrqZMQThOduurHmzB5Qn05XeE9ve1Sbv6OqtzNtB9oHhfv02Yr861DF-9JXzgWdiGFHE3hR095IfNI4tQsPdpE6GIEegt1eoMZ1okpj-LM5xp9_4_MLkfmm0I1o4-wSP-E8SUBL53Vx0vQFIKfpLNJimFxzyxbvL_pfFvsVY2b5g694L7WjsbOruM1VJ5ES1Br43N2Yh68tJvFLBwqlyUCux3l5Xzu31VCUnn_6kJHqJ9yjcg6vsOOn_ruGBLgCSt562dxe6YdhuC_JhnrhYbjGuBg3eEmqbiAjm90QwFU_UbE2kQAdy2quoWuf7K8AZST4TENobnA3SJQrSM_NBBFmg9nT46imtaHk5-pFFjLImuMeR1EyCBKVfZwcmGzxN&cid=CAASJORogmrXpKE2FrsXzsdzknAme9b33-1-XDCm9OpD9cOJK6qwiw&rfl=1%2Chttps%253A%252F%252Fkolobok.ua%252F%240

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ced5cf6d29aec450e15a5a1a4d6a6fb7895b6c8e42c746343cd1fef77f5d24bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 08:23:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34090
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 76FC 42 B
65 B 74ms
73ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D5RsD9n8KVqwYw4yiByxgATLcewiq5UgNZ95lKb357_ug2B1KKhcySytY49uRmko4S4eF08Uqoe1h3yv2ql-WOLBL1J9FYopw7vNdB72E4PZSZlsI

Requested by

Host: e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com
URL: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 08:23:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 76FC 3 KB
1 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js

Requested by

Host: e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com
URL: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:20:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Jun 2022 08:20:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 76FC 135 KB
41 KB 60ms
57ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com
URL: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 22 May 2022 08:23:19 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 76FC 17 KB
7 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com
URL: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:18:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7211
x-xss-protection: 0
server: cafe
etag: 2988716039725867132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Jun 2022 08:18:08 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 76FC 0
0 135ms
48ms Image
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSklKjmdDCZ30SMfxThc4KjMRWLoHIOwLrp_S67tFf5Qg_TPAbV7UlwXEiPS-SR2seHOA-tt0Z4VpqpFvEuZIiizRQicA
Requested by: Host: e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com
URL: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7188 640 B
316 B 57ms
53ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2M4wEQh7-_nwMYirSayQEwAQ&v=APEucNWOJ0rVJofQOp-k24W3N_2Rjdpjs7jaGxKyCmQlOn7W6VDydQ2gQkkHV2Qkg4WKmz_gA1ME1j-3ogKA1zVBnhvrVwVbTJFTWTmBpmkZnEFsVjYq9IuWwIIxNLwCyiKtsrWGY2JU0P1JhOmA_Lgo3mIYohqS-hsqlZMIZGRji7jpl7jVPWs

Requested by

Host: e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com
URL: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 22 May 2022 08:23:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3E40 86 KB
33 KB 103ms
102ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DHW9aiePzBRw6kpZ5kIxBazadKzYIee9LGopXURZlItc-m0FuNzoKFKhA62LbStb0tnJeRuvO7LsRqBo6z-j_L3c4l8zOQCsyWnaNpwWIVzNRIliSilRwugeAVlGPEobE28fZIkekMuInb4W1-bGotpbrr6g&dbm_d=AKAmf-AvuZnbdZKCmGYHoIUple35b5zJwHZIv8RPz7ZAF8UaEVc2Q16_CEfgmbAddo9qHydlck3ftk_cCbTqKUyT5a2WWbFM1ikxD-9jb_HUi-mDwgoY4AplT5BoDgvw7WQYRNXH-WUGB6KdW637g-KjM6_KWjEH1JQ6h8KP8dZu8P6dkOYaMszeqjrpiozivGNS0Q2XlujzH10qwA6pgldO4ii9-h44hluMqTnAj_R8bcLifZDsQivyWM6ppJV4u_0zasEK5wo-xdP8BO7DejA9V3PmXBPj1S7ztcE-C2qnbydYXmK2D4JjWUHmj1b-6MN5OFn_ae7K46OOXNR7OI92Xr4xHBqUvn5BdZculZX74ZnZyaBMNg50FcC7DSfjiHCxP7IUX4HWPO_kTlbISSx5yezLklv5dtQg1_OlR9ZKVT0n1cEGEuVRw59PFnhecszv37Zjlh7QYoiUPVV3YGKDmoj9vxlxhaca64IMMZvlIOEkzuMgfvbKuZoIw6QaByT90l4k1gMN8EMXIBSQiP3vx9kvgXXDwJEAz_msgh5Oi59ZJDLmcQlq4OS5dNiHXRyejNOQc9eRV03iDNUfAWECBbpBp2chjqZ_zHnMkcBDHM7thTkMaoUGhVDzESUvkTagOR9Ro6sin9l30SyEnkuEL-mEcWcqD1C-PtQAYU8KV48sJTjUxq6Kp9ymhXyk0LvWL5HZ0vhn_VVhh2XbV7whFJlHEAoQibi7pXLmbWePS8TkN_ps37wU8q_pzPc2A8E0pG46lC3QIW8eApIiA-Rax19CcYdx9_rXEvi67tabT49RdK7u3G6hRsl2CBbUjJtHjhZf8WKNrtLQCu2QP-MvXnjjMyakROGgC93MAkWAshm-UCxFigvPaevRNqEglI3LjbGtfJihsp33PjihKW7P7WAc_sLVEB9lIYdKfCw4z5Pxwihr_omZagTgZMC28KebAx6-APg_OJ-0w9dvUGe_LQSU6tZUFLjvO3-FaDJBy73Zb_4qS12_btQqmXb3_gZmLb4AKZrytKm3paKTdWYhdWGbpFEyOzsNiJjw46K2b3KWyVTZ_2CKTqsJMrVNSfWNyI5gXq5YaxiBINm8o9YwsbRuVuciE9fc1fBsL4rOzXeH_KaQ4VRlrfOHWM-8jPDMZRR7O8dnyguEnzQXyut6s3QGbjIooB3ppQes1Z5KCH3NEiLuU-Wxo9ovHzyQ7bPhUYBICj21WhRThAyGTbC1XDDrwTeYLbNtifAHQJll2l3cFIK2SGPxzA7Yz0p5mdrGX0F4d7I-WoAKygAqe56rlessEIZ-5tPClmuWtxt-Ip3xTXnws0jXBxIi_XEc02mUjdM2dAXYffdeVMwcWAELmIHb0iV9iKRb3DLvnbmf7jwBpgk2tRyi5x9qztbuPky-hi5oKmPjH5fFtrt-tIG8uMcE63PwHwaEIQRW_WyYa4M9Vj-FSMgT22ylc5POSoiaoCrFtqZuHjUkqp5TJhLBByWbv69suXTvXzP77pkXUa53ULavoQElomE0EF-1E9wxXAZirYVvJ_iOUsNefDn2tY6_UEaZ8eOe4U092_qcISr72QGFSOaot8P_IWvKqP5WOLyEEepxa1D1pb9_gMNxbk0BJ9moXBt9LzUE5phYgUmipmi5WgVOjvLBXTRW-qTuo_tmA4QmrBdyfDQ5eUgjY8sPjQFtmchfVnjL1ipoBJiT5T6Lz8j2CU8nG57ccF20P5GSMsxWelypV-FvgZYiL--UnbvYJ5r2U30cRCkDQvmiPWnTwFCQ5v-05xjLWQQkCdXTwxAOQD8eyDkTiPhygSxoz0gVQC56QYdNW7XRAWHvPTx05o3J7OSXQEfMFTnNClw16uwaDEJT1DNbPJQhUMiLQ5JNKVhHkEvX6VUWJ1E2i0jnbA9KOcV7r3v2ag9BASp81K66AlUPa7iaQpoMPbe9mB-nJK_rZ2YzR_ttegj62otbG6aHHqB_5Cs9i_QP0nixyjEVok7ObRzgpO6AOJi0jbTCAuJYQDrmHeaMlavstJ6PMYG-fiRJaVS_C4iBtP_ifGSCQBFtJTuAW6LJoRbKsbtU_fAIfWePnPHaklPFgJVdXkHKSN5PBUo50trDDHwDFXz8rN5Io8iM6mC6xVm8OL1Y7XuUDTFqkomaIhQxG0HqfZuhAnOlaqxYUcilIxjS9CuStYUV7y4OR26wEatX8_nr5wyCcnUZkVm5VCaHwHSJAw1FMAPIr04BNDRAq0s5gQWlsaBGJiQr5Z5ERJqJAj3AD514QrHh-xaO10fMz0oltfRYzChkgQeSppD9MpGLfnJKzXnsJRg_3mtxEJoIt1ULfeuq1jUud8RRNnrMYdV5iucd4QvjEcVU4Vt_YdKSHO3FW-d2gJA56QQBJ3Su3DRrNJbAReT_2wvhCnEcRlzUwxxY2NsJqxNi8h6VgA0FuRyfVUCozwqS7xcEnlGta63TjLQr89cyq1JKI1S7vX1EjwPbyR9etTSIfxBD31qyz4gy_0XuMu8apxgZcOTGtcZ_ShG_mxcKwycPE5aKS2sRFmf1wpfJvcZ7E2yQg4_pDzIjl45zzdKm1n5YjlYTjW9HqWs6ZTtZtFhg4KwI2Ac-FHZngFyQ2fX8FdNaLbFrUhWYw-J_fTWMUYNdZT0eqZVhbVSmMJQ9erjG_W01kqr47dnnUdDc2HCJNOT0ZvQeuEYBBXtJWNmhEjvT1n0Up4lsXI49_5daPjWZeubQr3ng3UatIacZoAnU6gvmGp4x-iXyUfUrvmz370QjVzeP30XQr_tejve-B5kOi7edTC0MP-uKBF6RSWbAKS2BObgsig_wKPIqhL1S9iWGuwkuKBkR1nwl0Xp_FX213TVbKZls3pA-ZzhO17Ck34Ek_IkzB9SMqWpzJf4YtLhmFB5ulUiyFdIaLPHNS3c2Z9ZkNDAuEstgqCbWqt3fjsW0GtADgwa2PWtfkNfdyAwrvYSdOJ0FqhLuu6vz1IlGkcaDTUO8rxW0SrNa9XvtjsQs3XauJnEFQ5NFO3zpnLOTI0jNDAehIrIMUb0f_TV6KlSpWd6OZdub4GM9uIo3DnfNnA4b5rLVQiNP28glIvV3YM2WmPqY-U2mq__QdEW9lf8i-Jrii4HqjoNHthELGDjs2zC3gcAWKNJxwr5gCCnu5k1lyNZRZy6ZxK_s0OQMbNTi_W8_1fnczv8blyLys253-QyH7mesOfVQFGkZp691i7JBVN2TLeMQKSihyQKakGez8v2MjWbHLiG9v4XGwvU0NnCbfnPKOR8wvfhEhCODpeDZmTWlCg5FWRZd6SuoTq36ccFbjvcuW_-cCPx-YUyMT9HntLxBmuHHLObxnJqk9CHow76bTj8TMvSJrwxUgzPiOPfyiOpQfca7hTbflqCp-kL9q8SM3d8b9g-t7XMeGc_BY8KDMDOBjg5O-7-A965MZMhG2C_BKlYVB7-C-7CvE1p1GV846c3c1go1keel9gpxr2eBTNTGdy59fXdQjh45GIU2z_ZYUcrEdBwKyqughOeM-oGj41k3oFfyNyMghUtwDlQjxidCfH0Vi4EPVvhUqGYU7iKuBan-Y4fai1xwKlzdOSQJiK1ZLxKKtP3BFNcjOwrJCkfXYpMWH2Dm-q6-I0g6rFyhFv79rQqGm3X3Knn_qYA8BaS1urHEDCpzfxczPKaWYWfdOZB0L9sJeejhLqPkt7vIFQdKyI5cyKRXzef2ausuov2ejOpJv23EmERO69RXbDFALHOU0aaUF5mxvdVHZO2VSeJNVR55exVTGz-eqpYDSUaVgZI8QlVECVlEfljODZXjIebFyM4UKOijeVZmtcVyCyehf1zg6ZAYBRu_BhSxmo2p8MslBj1IH0vNvzyYVg&cid=CAASJORoqzV4CQ_MgMVeN5nomgd-IpPt_QH1aR9nFzopnv3nzRSuNA&rfl=1%2Chttps%253A%252F%252Fkolobok.ua%252F%240

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a5e4d00ad7195951f911b10a551554eb79df464ac5799596c0176c2a07f7d9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 08:23:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34182
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3E40 42 B
65 B 75ms
74ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BTNjKgdjNTJ4t5n2WP3cB1xJslLs86AK9oqcesy79YZ1wZQRM3uql1kjJ10hwVxu95D5E0t4VIVWzmZWOrX59joBHlGCr5Csb8sEY2RgtVqJvqldc

Requested by

Host: e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com
URL: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 08:23:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 3E40 3 KB
1 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js

Requested by

Host: e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com
URL: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:20:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Jun 2022 08:20:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3E40 135 KB
41 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com
URL: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 22 May 2022 08:23:19 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 3E40 17 KB
7 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com
URL: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:18:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7211
x-xss-protection: 0
server: cafe
etag: 2988716039725867132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Jun 2022 08:18:08 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3E40 0
0 126ms
48ms Image
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaREyqufWEnUVTHHAuyhvTG_TXeICYPUBNL2s7iEShChDNE6nwGCeuqDwr4Z2kdINgd7w-RfXbgS6jvXeFWZ3M7y9i2Fhg
Requested by: Host: e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com
URL: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 134C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

84ms
83ms

Image
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H3
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date: Sun, 22 May 2022 08:23:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6E61
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEODJ4vud8urIpJrKau64KW8&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEODJ4vud8urIpJrKau64KW8&google_cver=1&C=1

43 B
892 B

55ms
55ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEODJ4vud8urIpJrKau64KW8&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2M4wEQh7-_nwMY8K6myQEwAQ&v=APEucNWez1xFxgkVxtHVHCu-dPUN5ujy055hY0cw4chTNBzGsiuUz10WgHnVEsY5cN2-j2F_qpJls9cAtew1KdT9fGamqe6AmxK2WlzlV1LJaMs5r5RPBBhn5U48eJFyvh-1_ya-yU-JmwHm_XkIHz9FO6lijjBFGs8FIljGHQoLxVZ8xJI9rFf7L3oyNwD9sVbngA7wP4pB
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 22 May 2022 08:23:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 22 May 2022 08:23:19 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 22 May 2022 08:23:19 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEODJ4vud8urIpJrKau64KW8&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Sun, 22 May 2022 08:23:19 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6E61
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yony9zytm3AI6FafCdYBFgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEODJ4vud8urIpJrKau64KW8&google_cver=1

43 B
892 B

71ms
71ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEODJ4vud8urIpJrKau64KW8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2M4wEQh7-_nwMY8K6myQEwAQ&v=APEucNWez1xFxgkVxtHVHCu-dPUN5ujy055hY0cw4chTNBzGsiuUz10WgHnVEsY5cN2-j2F_qpJls9cAtew1KdT9fGamqe6AmxK2WlzlV1LJaMs5r5RPBBhn5U48eJFyvh-1_ya-yU-JmwHm_XkIHz9FO6lijjBFGs8FIljGHQoLxVZ8xJI9rFf7L3oyNwD9sVbngA7wP4pB
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 22 May 2022 08:23:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 22 May 2022 08:23:19 GMT

Redirect headers

pragma: no-cache
date: Sun, 22 May 2022 08:23:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEODJ4vud8urIpJrKau64KW8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 6E61
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGGJBvlrfbF0Z-YY_MLTyqg&google_cver=1

43 B
1020 B

71ms
58ms

Image
image/gif

185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGGJBvlrfbF0Z-YY_MLTyqg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2M4wEQh7-_nwMY8K6myQEwAQ&v=APEucNWez1xFxgkVxtHVHCu-dPUN5ujy055hY0cw4chTNBzGsiuUz10WgHnVEsY5cN2-j2F_qpJls9cAtew1KdT9fGamqe6AmxK2WlzlV1LJaMs5r5RPBBhn5U48eJFyvh-1_ya-yU-JmwHm_XkIHz9FO6lijjBFGs8FIljGHQoLxVZ8xJI9rFf7L3oyNwD9sVbngA7wP4pB

Protocol

HTTP/1.1

Server

185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 22 May 2022 08:23:19 GMT
X-Proxy-Origin: 217.138.196.104; 217.138.196.104; 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: fac2a4cf-d0da-485a-a4e1-a9daec909eef
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 22 May 2022 08:23:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGGJBvlrfbF0Z-YY_MLTyqg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6E61
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTYwNDgxMDkxMTUzNDUwNzA5Nw%3D%3D

170 B
188 B

152ms
66ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTYwNDgxMDkxMTUzNDUwNzA5Nw%3D%3D

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 08:23:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 22 May 2022 08:23:19 GMT
X-Proxy-Origin: 217.138.196.104; 217.138.196.104; 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: dfbc03e2-c6a9-4c14-baeb-3f9841033531
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTYwNDgxMDkxMTUzNDUwNzA5Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 7188
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOEtuCB2q7P4R9dWvyL_csU&google_cver=1

43 B
61 B

64ms
33ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOEtuCB2q7P4R9dWvyL_csU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2M4wEQh7-_nwMYirSayQEwAQ&v=APEucNWOJ0rVJofQOp-k24W3N_2Rjdpjs7jaGxKyCmQlOn7W6VDydQ2gQkkHV2Qkg4WKmz_gA1ME1j-3ogKA1zVBnhvrVwVbTJFTWTmBpmkZnEFsVjYq9IuWwIIxNLwCyiKtsrWGY2JU0P1JhOmA_Lgo3mIYohqS-hsqlZMIZGRji7jpl7jVPWs
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/18.1.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 08:23:19 GMT
via: 1.1 google
server: OXGW/18.1.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 22 May 2022 08:23:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOEtuCB2q7P4R9dWvyL_csU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 7188 43 B
305 B 127ms
34ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2M4wEQh7-_nwMYirSayQEwAQ&v=APEucNWOJ0rVJofQOp-k24W3N_2Rjdpjs7jaGxKyCmQlOn7W6VDydQ2gQkkHV2Qkg4WKmz_gA1ME1j-3ogKA1zVBnhvrVwVbTJFTWTmBpmkZnEFsVjYq9IuWwIIxNLwCyiKtsrWGY2JU0P1JhOmA_Lgo3mIYohqS-hsqlZMIZGRji7jpl7jVPWs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/18.1.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 08:23:19 GMT
content-encoding: gzip
server: OXGW/18.1.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 7188
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESELeQy2lwZbUczuu0FK6NAnc&google_cver=1

23 B
172 B

137ms
71ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESELeQy2lwZbUczuu0FK6NAnc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2M4wEQh7-_nwMYirSayQEwAQ&v=APEucNWOJ0rVJofQOp-k24W3N_2Rjdpjs7jaGxKyCmQlOn7W6VDydQ2gQkkHV2Qkg4WKmz_gA1ME1j-3ogKA1zVBnhvrVwVbTJFTWTmBpmkZnEFsVjYq9IuWwIIxNLwCyiKtsrWGY2JU0P1JhOmA_Lgo3mIYohqS-hsqlZMIZGRji7jpl7jVPWs
Protocol: H2
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 08:23:19 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sun, 22 May 2022 08:23:19 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 22 May 2022 08:23:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESELeQy2lwZbUczuu0FK6NAnc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 7188 23 B
172 B 240ms
69ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2M4wEQh7-_nwMYirSayQEwAQ&v=APEucNWOJ0rVJofQOp-k24W3N_2Rjdpjs7jaGxKyCmQlOn7W6VDydQ2gQkkHV2Qkg4WKmz_gA1ME1j-3ogKA1zVBnhvrVwVbTJFTWTmBpmkZnEFsVjYq9IuWwIIxNLwCyiKtsrWGY2JU0P1JhOmA_Lgo3mIYohqS-hsqlZMIZGRji7jpl7jVPWs
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 08:23:19 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sun, 22 May 2022 08:23:19 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H3 200 6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js Show response
pagead2.googlesyndication.com/bg/ Frame 8057 35 KB
13 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9caa3698b58479a78692e6303c5353d891066dc64fd2f4a34e14b2882fdb69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 06:10:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13723
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 22 May 2023 06:10:10 GMT

GET
H2 200 html_obb_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 76FC 169 KB
60 KB 158ms
42ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_obb_rendering_lib_200_276.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd2056d3c5a5f9a087647154dc26dbed362a61b733a6cbc8d9e5330b4f4d4284

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/
Origin: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 21 May 2022 08:56:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84420
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60459
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 22 May 2022 08:56:19 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/ Frame 76FC 8 KB
3 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C-9Jo2mvnT2opC9lW5qGqfpmzD5apxEgFyACr8gMXcLQPPd_ldMHLUlJP49V_tR7yZeG1lKx6jjgHOrUzeAJEiifmtI-DmUxTcZ8bJqxXyFYNFhSIQ-vlLcQQRM3FRA-Z86l50pTluOcSrIuQ48HCRqw45fQ&dbm_d=AKAmf-BkjxfHUhFh2PaqPOt04n6pC2XiEbLYYnOonQOyRTh9rVjZedz8o7xInDSKnwUiMJ9S3-dH85r1aY9DB6L1e6_W6vunVXQHxeDwZK1lTurmmD-QaFTJdt3ZzU40B8wKFJ56SvAILlGFkYjt6-6axE1_uBxow7vI8jPTFdfA9HOZV9cFwjEGEgDLvt2e_13VkK9FkMOEx2tS0JQVGVwOUNfLUjd2XQrPMhAK1RJtAMokg7U_9day1pK7rOCaklu_tUD1Lw4lKmGalW66P9x5cFbiLeR1vHFJLmDLXaNUFseV6GK-9s9brqeFqHojv_cOQyXQvk_9k1qIGNjurFX1WBWDYCbOclTdSOWnPP4rG0k5dOSuBgG4Fbljg88ZRlKivQA92nlNJlfvqRa5fB_5NqpsPuWw5b5tCY6Kb0DWzGRQnIX0iTTLojAKLk2Z2ruHd-Jcyt2KhH5xBdT2fkGXvhOQsL4Owaxm_DW2w0E-eRIeEcOq-TyCS7E7kciGJCSXZYVGW4jfPxskIF51Mcmo7abuAALjUARM78SBkYKtnSDNH-bSK6HOz2zI7-hfIRjU2vj7gKpsyPUr9ulSUZevE7f5HX8ArHF0Bq4A5LKLf7D-G_JaO6db5Bz81hhM5RGOt6YpF-Zosg9scH612OICQVC9-_AbvK5VogXq5PBLxAqjCdmwJVLh9S0HiMFQ7yz1Re2ehaH8DenmXA6kdSr-cNjoAfhG9U4oCxjcZHokwLZityS60qroyvQMUDLBXym5b4JvNpLav5kpKz1lKZz4JbxNEJ83z5Br1z0oO-M0ONmUP2-JvsvMnScXro3pf0uw714PGKuDnSUH6yhMVArwKzQXm5UNQgu2SJN4BbWqiUb8ztnTgDUE_aHv9Z1y3OZVo8vvIFnIY3t8-ixMLkREZQgC20m82rf5JaU5ganl-0DQUJRVK0JECjtEE4yxBuyMrlqnExDxjJfg5K542H5l5wnxS1v9n0FueKYmNHi5xo2Btx6E3MUwYOsvCvvfAmRn1TsopTyNUFYD6Urhifdgq0j6Nhsy3cBBBSIVRt34GnCJHfFFV-vKrCAS-MapSWbtH-0RJ5yOsNd9NldKi64ErD69C3GF5Lyo3KUMshogiUUDfzboiFG6EJn-HDO0xd4fBHsqAWgnXpniTY1mAfkJahcT3Sx3J0500VYyWLP6cF122OxHVU4z-Z9ZktzuET2q0t9CI379ytJtW9V5LBwbDebRox2sECcovpcSW9KU4Gp1TESV-7IXZCyx67Xim3wWsnLCMH_WY5MPst763nayXClgrBCThXQURAZ9N7K2FNduoc8kxI_2pVi_LXV-mMWI04izSsmEtshwae1h0qODDK_bs3Q585vdGY17oEdVe-H22voVgQjNlsvF5B3vahqiCcbK3UZYAcGJqZKAlDyxR5F-cKM3S_MSRFtchGjKj781DIqNL20qHVu6WtqFtGBYIRGRqEdmEDcy__kmyB9u1ruO0V2X9_wACFXpsXvX_G3PTvk8D6-jl2oSXgZKcWPcvJQ81KJTVxfvWKS2unFMeeFmHr_-hM3J_RlVULnMVCrEKI3KGM-owXuPlOGBhqB7_iaXB9gdL_b0l0qkTh4uiZ1XrSqr31S8GSdlTWec3XtojEguExRXUHY1iSWc3hCD8Bi5OapvlPM1NLczY-EqVxkwDDLRRtPt6ldXHvjaBN8hS4ysjm-cAFGqL-wwxC6tp_JMErsp7kN4-foG0JoTwrMIb3H3Hpr8Op6w0pojICqqcNfeTr6Emh-KAZwIuvC99e7hhnYgjc8gN3GmWCUsyhbsNYchQnUtcSNbj0AkPk7ACRcjijmPf-sHGkoy0vgiVsGbJriNnfXb3sqvEtzqysarXgOzTafp2vyN5w2H-kM-JBvohTlM2TUCfWC8qkv3iRJhNG5cQxRAPoZRYJwsgwHu5YA26LO8tQ-tAPUhPXdrTJg2Bw0wyD3D7VOjsjFuKkBIw8s6KT3Dl0yTWJjWdhdRv-Of6iCDodVhTqLAc3uEvbNHCjaKwfZCXO4dnIuAXi411MGELlgnGH66WKfkgkfV5J7scM289-LTxOk8T0Ufi_8sqUfRQ2hphpXUDYfsDlrCdmYDc15UfZVILdfKzHA569ICvadnb45KMhWQKyR34cCa3RvCh6wgBMiZmDxTAvbGtVIzSdAH4P9gWSXPHNjsEEAbuzm_YXya-yEa5L2ZxPwiv9ImDCDVKq6Y5YSKhsGzpcehZJPpax84SLREKizi7Nn-QUWWI6S5LCUefzxTCss8ARPbEJ4OGFMnFAnWU33mbqTaXleFSHq4GKBm1OIJI4dzZK6jE0wscRfhWbB_3_v0FCP0XQHOLAuaR-LSyowwDQ2h0KDa5hLSxSP2gn7jBagdlGunt4DtdHqaG5M9nIpbCaxnYhHJRswWFSbQg2FKk_GN0yta8u3WBHfDmZzJgzLy_4SQweBc6mMuBTMiJwdSUSsiC6RtqZ-WqD0nawDPtLxAEXxLO-NUK1LNhhiEtv4Lw1kS1LkPhS-g62GnozL6Lvi-YNakSbnEP8Hn89ip4XDslL5TsD_qEdfcnHayCGgydoA7U74jdHtGkFYTKTCXZNu0aWz5tvvlZMe3f1-ZQBon_vFJI9u0hj5kMm0_gxq-_hy3fFv6yAGz_XYwWaUpII1on20qffnup5A4zmdZIFupVGMx8LK3xP2ESz82qoEIOSbAs6GJvzPBK4ZRqBHKWESgMlFmhEKLIQ8ShnZln2HS4xfmJpSujkxa_w7p_5XYfYIVjPNp_KYvnFQyeR92yXnjr-T6X0k-a5gTlCykxpKJj9wj0FxrfBKMeVmaizZNMVsefSe9-NdV5qILbn42-THiFKEc4b6QOCopn5K19RyQ6Z3bDiyZrvJMjk0IZ7wCF5arofWMO_Gr_ZXxGePfShCZuDcQgzu7k4s3Sq6AIiiD_x6lVuMTSdsTUJcO7XgnrAASa9-EAw6BANpRq6ummujfZkZvB_elODmwBp05r-bwPqWhzXgR0zkg7Fj-KE5_VEO-HqxepCXqdWlYUnBAjHYFeHk1J5CmpY0XZ-Ilh-9us2RXX_5Fx2Qtx5jtN8X-ZbuCgSI4c63gr7N8QRi11QE3iDT_lIouNeS9VtEGuduHpWJ_RY8WXuIAIh6PR84frVHZbPntyt5eONdTOlbhFPLGdOeyzfdRF7m6KwoMylbrZqsZnF_qS4SPfKq8JBve5QkyDM0dlnLKOI575ApIkorVLQXT1doIUt3K0h1D5d3QlayDkPOZ9W4zPYubzsUZeUjGIIRlY0v_uuy0FlOgQ5taMp17tZ7nuIHle3338ECKti3sINXgSkyBEfpRfhgdf_iCo7dWjX61dwQDYj9DKa9aJltUAevwbRJU_aBaGcSPB2-6WTUGekugfz9STXuIsxu0ITVib9cftnoHi0fXCLRAhMRL8n-ypfZ-k_u4zS9YDrqZMQThOduurHmzB5Qn05XeE9ve1Sbv6OqtzNtB9oHhfv02Yr861DF-9JXzgWdiGFHE3hR095IfNI4tQsPdpE6GIEegt1eoMZ1okpj-LM5xp9_4_MLkfmm0I1o4-wSP-E8SUBL53Vx0vQFIKfpLNJimFxzyxbvL_pfFvsVY2b5g694L7WjsbOruM1VJ5ES1Br43N2Yh68tJvFLBwqlyUCux3l5Xzu31VCUnn_6kJHqJ9yjcg6vsOOn_ruGBLgCSt562dxe6YdhuC_JhnrhYbjGuBg3eEmqbiAjm90QwFU_UbE2kQAdy2quoWuf7K8AZST4TENobnA3SJQrSM_NBBFmg9nT46imtaHk5-pFFjLImuMeR1EyCBKVfZwcmGzxN&cid=CAASJORogmrXpKE2FrsXzsdzknAme9b33-1-XDCm9OpD9cOJK6qwiw&rfl=1%2Chttps%253A%252F%252Fkolobok.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:22:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Jun 2022 08:22:58 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/ Frame 76FC 27 KB
10 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7922e29fd9bbbb9e385c952731a93f50b0ba8d472cd16e65f66d18cf08ba4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10463
x-xss-protection: 0
server: cafe
etag: 17671883673189222985
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Jun 2022 08:23:15 GMT

GET
H2 200 html_obb_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 3E40 169 KB
59 KB 196ms
89ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_obb_rendering_lib_200_276.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd2056d3c5a5f9a087647154dc26dbed362a61b733a6cbc8d9e5330b4f4d4284

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/
Origin: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 21 May 2022 08:56:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84420
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60459
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 22 May 2022 08:56:19 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/ Frame 3E40 8 KB
3 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DHW9aiePzBRw6kpZ5kIxBazadKzYIee9LGopXURZlItc-m0FuNzoKFKhA62LbStb0tnJeRuvO7LsRqBo6z-j_L3c4l8zOQCsyWnaNpwWIVzNRIliSilRwugeAVlGPEobE28fZIkekMuInb4W1-bGotpbrr6g&dbm_d=AKAmf-AvuZnbdZKCmGYHoIUple35b5zJwHZIv8RPz7ZAF8UaEVc2Q16_CEfgmbAddo9qHydlck3ftk_cCbTqKUyT5a2WWbFM1ikxD-9jb_HUi-mDwgoY4AplT5BoDgvw7WQYRNXH-WUGB6KdW637g-KjM6_KWjEH1JQ6h8KP8dZu8P6dkOYaMszeqjrpiozivGNS0Q2XlujzH10qwA6pgldO4ii9-h44hluMqTnAj_R8bcLifZDsQivyWM6ppJV4u_0zasEK5wo-xdP8BO7DejA9V3PmXBPj1S7ztcE-C2qnbydYXmK2D4JjWUHmj1b-6MN5OFn_ae7K46OOXNR7OI92Xr4xHBqUvn5BdZculZX74ZnZyaBMNg50FcC7DSfjiHCxP7IUX4HWPO_kTlbISSx5yezLklv5dtQg1_OlR9ZKVT0n1cEGEuVRw59PFnhecszv37Zjlh7QYoiUPVV3YGKDmoj9vxlxhaca64IMMZvlIOEkzuMgfvbKuZoIw6QaByT90l4k1gMN8EMXIBSQiP3vx9kvgXXDwJEAz_msgh5Oi59ZJDLmcQlq4OS5dNiHXRyejNOQc9eRV03iDNUfAWECBbpBp2chjqZ_zHnMkcBDHM7thTkMaoUGhVDzESUvkTagOR9Ro6sin9l30SyEnkuEL-mEcWcqD1C-PtQAYU8KV48sJTjUxq6Kp9ymhXyk0LvWL5HZ0vhn_VVhh2XbV7whFJlHEAoQibi7pXLmbWePS8TkN_ps37wU8q_pzPc2A8E0pG46lC3QIW8eApIiA-Rax19CcYdx9_rXEvi67tabT49RdK7u3G6hRsl2CBbUjJtHjhZf8WKNrtLQCu2QP-MvXnjjMyakROGgC93MAkWAshm-UCxFigvPaevRNqEglI3LjbGtfJihsp33PjihKW7P7WAc_sLVEB9lIYdKfCw4z5Pxwihr_omZagTgZMC28KebAx6-APg_OJ-0w9dvUGe_LQSU6tZUFLjvO3-FaDJBy73Zb_4qS12_btQqmXb3_gZmLb4AKZrytKm3paKTdWYhdWGbpFEyOzsNiJjw46K2b3KWyVTZ_2CKTqsJMrVNSfWNyI5gXq5YaxiBINm8o9YwsbRuVuciE9fc1fBsL4rOzXeH_KaQ4VRlrfOHWM-8jPDMZRR7O8dnyguEnzQXyut6s3QGbjIooB3ppQes1Z5KCH3NEiLuU-Wxo9ovHzyQ7bPhUYBICj21WhRThAyGTbC1XDDrwTeYLbNtifAHQJll2l3cFIK2SGPxzA7Yz0p5mdrGX0F4d7I-WoAKygAqe56rlessEIZ-5tPClmuWtxt-Ip3xTXnws0jXBxIi_XEc02mUjdM2dAXYffdeVMwcWAELmIHb0iV9iKRb3DLvnbmf7jwBpgk2tRyi5x9qztbuPky-hi5oKmPjH5fFtrt-tIG8uMcE63PwHwaEIQRW_WyYa4M9Vj-FSMgT22ylc5POSoiaoCrFtqZuHjUkqp5TJhLBByWbv69suXTvXzP77pkXUa53ULavoQElomE0EF-1E9wxXAZirYVvJ_iOUsNefDn2tY6_UEaZ8eOe4U092_qcISr72QGFSOaot8P_IWvKqP5WOLyEEepxa1D1pb9_gMNxbk0BJ9moXBt9LzUE5phYgUmipmi5WgVOjvLBXTRW-qTuo_tmA4QmrBdyfDQ5eUgjY8sPjQFtmchfVnjL1ipoBJiT5T6Lz8j2CU8nG57ccF20P5GSMsxWelypV-FvgZYiL--UnbvYJ5r2U30cRCkDQvmiPWnTwFCQ5v-05xjLWQQkCdXTwxAOQD8eyDkTiPhygSxoz0gVQC56QYdNW7XRAWHvPTx05o3J7OSXQEfMFTnNClw16uwaDEJT1DNbPJQhUMiLQ5JNKVhHkEvX6VUWJ1E2i0jnbA9KOcV7r3v2ag9BASp81K66AlUPa7iaQpoMPbe9mB-nJK_rZ2YzR_ttegj62otbG6aHHqB_5Cs9i_QP0nixyjEVok7ObRzgpO6AOJi0jbTCAuJYQDrmHeaMlavstJ6PMYG-fiRJaVS_C4iBtP_ifGSCQBFtJTuAW6LJoRbKsbtU_fAIfWePnPHaklPFgJVdXkHKSN5PBUo50trDDHwDFXz8rN5Io8iM6mC6xVm8OL1Y7XuUDTFqkomaIhQxG0HqfZuhAnOlaqxYUcilIxjS9CuStYUV7y4OR26wEatX8_nr5wyCcnUZkVm5VCaHwHSJAw1FMAPIr04BNDRAq0s5gQWlsaBGJiQr5Z5ERJqJAj3AD514QrHh-xaO10fMz0oltfRYzChkgQeSppD9MpGLfnJKzXnsJRg_3mtxEJoIt1ULfeuq1jUud8RRNnrMYdV5iucd4QvjEcVU4Vt_YdKSHO3FW-d2gJA56QQBJ3Su3DRrNJbAReT_2wvhCnEcRlzUwxxY2NsJqxNi8h6VgA0FuRyfVUCozwqS7xcEnlGta63TjLQr89cyq1JKI1S7vX1EjwPbyR9etTSIfxBD31qyz4gy_0XuMu8apxgZcOTGtcZ_ShG_mxcKwycPE5aKS2sRFmf1wpfJvcZ7E2yQg4_pDzIjl45zzdKm1n5YjlYTjW9HqWs6ZTtZtFhg4KwI2Ac-FHZngFyQ2fX8FdNaLbFrUhWYw-J_fTWMUYNdZT0eqZVhbVSmMJQ9erjG_W01kqr47dnnUdDc2HCJNOT0ZvQeuEYBBXtJWNmhEjvT1n0Up4lsXI49_5daPjWZeubQr3ng3UatIacZoAnU6gvmGp4x-iXyUfUrvmz370QjVzeP30XQr_tejve-B5kOi7edTC0MP-uKBF6RSWbAKS2BObgsig_wKPIqhL1S9iWGuwkuKBkR1nwl0Xp_FX213TVbKZls3pA-ZzhO17Ck34Ek_IkzB9SMqWpzJf4YtLhmFB5ulUiyFdIaLPHNS3c2Z9ZkNDAuEstgqCbWqt3fjsW0GtADgwa2PWtfkNfdyAwrvYSdOJ0FqhLuu6vz1IlGkcaDTUO8rxW0SrNa9XvtjsQs3XauJnEFQ5NFO3zpnLOTI0jNDAehIrIMUb0f_TV6KlSpWd6OZdub4GM9uIo3DnfNnA4b5rLVQiNP28glIvV3YM2WmPqY-U2mq__QdEW9lf8i-Jrii4HqjoNHthELGDjs2zC3gcAWKNJxwr5gCCnu5k1lyNZRZy6ZxK_s0OQMbNTi_W8_1fnczv8blyLys253-QyH7mesOfVQFGkZp691i7JBVN2TLeMQKSihyQKakGez8v2MjWbHLiG9v4XGwvU0NnCbfnPKOR8wvfhEhCODpeDZmTWlCg5FWRZd6SuoTq36ccFbjvcuW_-cCPx-YUyMT9HntLxBmuHHLObxnJqk9CHow76bTj8TMvSJrwxUgzPiOPfyiOpQfca7hTbflqCp-kL9q8SM3d8b9g-t7XMeGc_BY8KDMDOBjg5O-7-A965MZMhG2C_BKlYVB7-C-7CvE1p1GV846c3c1go1keel9gpxr2eBTNTGdy59fXdQjh45GIU2z_ZYUcrEdBwKyqughOeM-oGj41k3oFfyNyMghUtwDlQjxidCfH0Vi4EPVvhUqGYU7iKuBan-Y4fai1xwKlzdOSQJiK1ZLxKKtP3BFNcjOwrJCkfXYpMWH2Dm-q6-I0g6rFyhFv79rQqGm3X3Knn_qYA8BaS1urHEDCpzfxczPKaWYWfdOZB0L9sJeejhLqPkt7vIFQdKyI5cyKRXzef2ausuov2ejOpJv23EmERO69RXbDFALHOU0aaUF5mxvdVHZO2VSeJNVR55exVTGz-eqpYDSUaVgZI8QlVECVlEfljODZXjIebFyM4UKOijeVZmtcVyCyehf1zg6ZAYBRu_BhSxmo2p8MslBj1IH0vNvzyYVg&cid=CAASJORoqzV4CQ_MgMVeN5nomgd-IpPt_QH1aR9nFzopnv3nzRSuNA&rfl=1%2Chttps%253A%252F%252Fkolobok.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:22:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Jun 2022 08:22:58 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/ Frame 3E40 27 KB
10 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7922e29fd9bbbb9e385c952731a93f50b0ba8d472cd16e65f66d18cf08ba4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10463
x-xss-protection: 0
server: cafe
etag: 17671883673189222985
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Jun 2022 08:23:15 GMT

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
380 B 151ms
151ms Image
image/gif 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fkolobok.ua%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_data_source%22%3A%22profile%3Aua_kolobok%22%2C%22query%22%3Anull%2C%22profile_id%22%3Anull%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1653207799370%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22c8fe9736dd6fb%3A1649830956492%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22component%22%3A%22timeline%22%2C%22element%22%3A%22initial%22%2C%22action%22%3A%22results%22%7D%7D&session_id=6f2a4327f07f301536e73ae9dff74049c083ceac

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 109
pragma: no-cache
last-modified: Sun, 22 May 2022 08:23:19 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 40c5cda139f6a09d6f2dce506c463329889a2fd5f8c65002daa64c0b3ffd1465
x-transaction: f7eb592b4ed740ad
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3 200 6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js Show response
pagead2.googlesyndication.com/bg/ Frame 5921 35 KB
13 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9caa3698b58479a78692e6303c5353d891066dc64fd2f4a34e14b2882fdb69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 06:10:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13723
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 22 May 2023 06:10:10 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 76FC 41 KB
15 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com
URL: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 18 May 2022 11:48:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 333287
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 May 2023 11:48:32 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7C6F 1 KB
756 B 40ms
40ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com
URL: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 8975
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 22 May 2022 05:53:44 GMT
etag: 48472445140208031
expires: Mon, 23 May 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 76FC 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3595d6fbb67329feef0aa259d40cf7dc3787ff1183b9b01f2535cf985bb2440a

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3E40 41 KB
15 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com
URL: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 18 May 2022 11:48:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 333287
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 May 2023 11:48:32 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C7E4 1 KB
756 B 40ms
40ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com
URL: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 8975
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 22 May 2022 05:53:44 GMT
etag: 48472445140208031
expires: Mon, 23 May 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3E40 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f80cadfcbd017e3bf204f6a7bf2d73ee7ab48f1756b833dba5f1fcf0b3fd35db

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 41ms
41ms Image
text/plain 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=8ea486a5-d161-46a5-a5a4-b1d24d77a9af

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 22 May 2022 08:23:19 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame DA3B 22 KB
8 KB 41ms
40ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 333286
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 11:48:33 GMT
expires: Thu, 18 May 2023 11:48:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7126 22 KB
8 KB 40ms
40ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 333286
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 11:48:33 GMT
expires: Thu, 18 May 2023 11:48:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/5825321732835115008/ Frame A905 92 KB
25 KB 134ms
49ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=0izlzEfI0k&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_obb_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ddc95507676c16045fd509f101f5dfe5e57b1c28a5b55cebe9b857deb7f7d49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 22 May 2022 08:23:19 GMT
expires: Mon, 22 May 2023 08:23:19 GMT
last-modified: Wed, 27 Apr 2022 09:23:48 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 76FC 0
306 B 106ms
84ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssFxyDCniVTSa9DufL8P7sXLrgF_VYM_OaYYWOg3i8U7lq3c81Ld5NFcdTkZK89L1pexw40_YlAekmqPIxeSXCdi9TDByGcOZQ2kyNsty767K8oIdum1A4kV-k-kS6LfKAFZTbXQTFckH6meNFEFASHMD38HSXUwsZ25PTTf7lpu9fF7N9gAhHOkDucJ9Vj2V1e4LbkMAuj_xjx2O4DL3_aKALl72xxnPFk7rzl40QNL1n7c6Q_Is1dnPev7tuPWkYC6-9_HWeFT4xHn1ue6SMFvxqs7krtJaeN6l-Q4mbUja4Nsa5SFj3E-zeOSf-V8M_bLp7SHsRGhxNtU0nJ_5CK6w8S5CIzxdF_PsFZD3PQWxUgLHTnCc1iUFfRryUYQrPnsSHgUokRhpjiCmpCXMerMo_VR8LJAlyrsjj1Gbre5ejhjyocPqT9Z6-DCKyp6R0JMT3oiDJy12GW8kTXIMJ10F0r3Zqvw6ujGFJcgd03W5ZQ0Irg0jaKD_jUC497lxQ3vWAcdJHliT_AAYuowWfXdW9hTGLPZP8EvUTyCyIuWzZdqUHeCsgC46uGzxk7YD0ZXSFiJHEGjQXNKazH8AftMdjJK3PqxvQELr7wc1xYgnF4hfCkRl7RITnLWKVhBB5ZVOY9g7-YFBeQFHdoIHPhr3WuoywIPJFvXOgRA_J3XNvnc3lu7CoI4TKAKfSuPIMX0EIbKdf752RorPCIg9ZZfdMPX8WjtO2Q97JENE7wLyPjMCyeKvLO2qh8pxabVWwekfRHF5Ur7mAhVSUyCmeg89Fw7hGkOBgoDvfXEQeYDW2kFkNWHljYVgHslNqvT9XYP5pl4H1PhAsICncgE7unlZxO9OHBm9S4TnKIEbeIkQHzQ7AYoAzyrLFHENIr7j55ZbChlT-P0o_TeGw8A05N-6MWxe9Q7cjUqI7xwmZEeP-sE66FD9Slf2yKCyeupASJPcs4CPuUP3zxp8ud04PW98DaLz55ymgrbWAY7zkeHs3naoaG2l_rz41I-DMPJxRF63dT_NElBaBYf4RJq5boY1IGMA7QQm1H9QZ4HlD8w6HljkHGkz3uMI8gBM_6EEJscDFV1SjY_Ta4aKyy8cXoUTLuOQGA_pFdluUphsuxnRgPqjKux0UvfRqHoYJvJB4WGdi5mdYB2xbAQCah3G_iFL_PfaI80aXDUnQiWbW3PxmIZ3Y6DdBiJHdrrZm7NSswnoHgQy9Wq0oxY7zds-wxIiziU60MYvK7Y2dTANWtjzKic5NxSgEMv0mijFcNew94FYIKdCbtotUikl7QrZWnP5Cgs2nlvkdYSLjl_VXSjnFF2y_Sch9jbLv4Hw&sai=AMfl-YQCIJyC7rGJ5Wd6yXY1tKne_LV9VL-u1i32ORovbLb_cuyuX0Y2wuIuIt69YDkFFXkZnzzLvuiY_xkQJElDra53dasrJDud0YUqjF4pw_37FstesdPvwF_OWbvBbyLWAtG4FtxO4Lgiar3uF23cZCQ1xZP4A9fZMWP3wyyxxzWabHFZHZG30dSY2VqoqdYK2uWvzjwuKaneitwJyDp_SA&sig=Cg0ArKJSzKGJulRfJVLZEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=295&cbvp=1&cstd=289&cisv=r20220518.86661&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sun, 22 May 2022 08:23:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7C6F
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEJBuwuRi7An9z8IySbAd9EM&google_cver=1&google_push=AYg5qPKYQuBaOciwcnL6sPcfwxDLzkxr4RP_ibWsyKVEHc4HdbzxfB73zvIen-UzWneJRGrVld-fX...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPKYQuBaOciwcnL6sPcfwxDLzkxr4RP_ibWsyKVEHc4HdbzxfB73zvIen-UzWneJRGrVld-fXA2DiNpwUuuiC4L615k4SdFblg

170 B
188 B

52ms
52ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPKYQuBaOciwcnL6sPcfwxDLzkxr4RP_ibWsyKVEHc4HdbzxfB73zvIen-UzWneJRGrVld-fXA2DiNpwUuuiC4L615k4SdFblg

Requested by

Host: e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com
URL: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 08:23:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 22 May 2022 08:23:19 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 8FD98585844E41E6A325BB8A8E4EB76D Ref B: LON21EDGE1420 Ref C: 2022-05-22T08:23:19Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPKYQuBaOciwcnL6sPcfwxDLzkxr4RP_ibWsyKVEHc4HdbzxfB73zvIen-UzWneJRGrVld-fXA2DiNpwUuuiC4L615k4SdFblg
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXflW+ljYs/IpPusUnP2A==

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 7C6F 0
191 B 153ms
38ms Image
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESENXTGsO-i2U3D0O2wRrQYT8&google_cver=1&google_push=AYg5qPKR1mkwRyVpNMjDl2RlFHow-Rar1DueCeEjJKCsZ1_PtfY4MOGXaomzVQnSv2M93XnwpfsX9xyRgc_u8uWhdian9PpP7Tx4rA
Requested by: Host: e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com
URL: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 08:23:19 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7C6F
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEJyio8HXHaqijCZexBKMcuI&google_cver=1&google_push=AYg5qPL9MZXxhAY2F87z5YYnoUiJxZyr_i9nT7artpec4TQLl8yCjNRJkCEx-1WuvTtS5Mxes9rANKkkW9ZWZdHC...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zQaFkTy1RmKtcIq8v-8puA2&google_push=AYg5qPL9MZXxhAY2F87z5YYnoUiJxZyr_i9nT7artpec4TQLl8yCjNRJkCEx-1WuvTtS5Mxes9rANKkkW9ZWZdHCf1R6mWUE0pWVDA

170 B
188 B

55ms
54ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zQaFkTy1RmKtcIq8v-8puA2&google_push=AYg5qPL9MZXxhAY2F87z5YYnoUiJxZyr_i9nT7artpec4TQLl8yCjNRJkCEx-1WuvTtS5Mxes9rANKkkW9ZWZdHCf1R6mWUE0pWVDA

Requested by

Host: e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com
URL: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 08:23:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 22 May 2022 08:23:19 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zQaFkTy1RmKtcIq8v-8puA2&google_push=AYg5qPL9MZXxhAY2F87z5YYnoUiJxZyr_i9nT7artpec4TQLl8yCjNRJkCEx-1WuvTtS5Mxes9rANKkkW9ZWZdHCf1R6mWUE0pWVDA
x-host: tde-deliveryengine-production-5cc5c75555-tfssn
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7C6F
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESECpm7Homcigk3Yg1D5PaMoA&google_cver=1&google_push=AYg5qPIy31tUYrN5ESJoFqU4Lwz6i8d87-scjWCOL32sWF3oYZ_JDewqXNpMRIg88AThJ5893r-1pZRrXvAvJm-craWo...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIy31tUYrN5ESJoFqU4Lwz6i8d87-scjWCOL32sWF3oYZ_JDewqXNpMRIg88AThJ5893r-1pZRrXvAvJm-craWoBk_Tocm83w&google_hm=WdH4KY_nTgeLG20fw9dCFA==

170 B
188 B

63ms
63ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIy31tUYrN5ESJoFqU4Lwz6i8d87-scjWCOL32sWF3oYZ_JDewqXNpMRIg88AThJ5893r-1pZRrXvAvJm-craWoBk_Tocm83w&google_hm=WdH4KY_nTgeLG20fw9dCFA==

Requested by

Host: e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com
URL: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 08:23:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIy31tUYrN5ESJoFqU4Lwz6i8d87-scjWCOL32sWF3oYZ_JDewqXNpMRIg88AThJ5893r-1pZRrXvAvJm-craWoBk_Tocm83w&google_hm=WdH4KY_nTgeLG20fw9dCFA==
Date: Sun, 22 May 2022 08:23:19 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7C6F
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELL7wzDhWNyZgVKRm3UT50s&google_cver=1&google_push=AYg5qPI1H6lLOR0xnY6fluEi4Sb9eH66nlTxtTb_Vy3t_uSklkQUZPBhZSuW8V4NCrnTLDB1ygk9to97...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELL7wzDhWNyZgVKRm3UT50s&google_cver=1&google_push=AYg5qPI1H6lLOR0xnY6fluEi4Sb9eH66nlTxtTb_Vy3t_uSklkQUZPBhZSuW8V4NCrnTLDB1ygk...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODI4NTA2NDA4MTMxMTk4NzI1MA&google_push=AYg5qPI1H6lLOR0xnY6fluEi4Sb9eH66nlTxtTb_Vy3t_uSklkQUZPBhZSuW8V4NCrnTLDB1ygk9to...

170 B
188 B

51ms
51ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODI4NTA2NDA4MTMxMTk4NzI1MA&google_push=AYg5qPI1H6lLOR0xnY6fluEi4Sb9eH66nlTxtTb_Vy3t_uSklkQUZPBhZSuW8V4NCrnTLDB1ygk9to97obcEA7wPlNxBL95cavrp

Requested by

Host: e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com
URL: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 08:23:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 22 May 2022 08:23:19 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODI4NTA2NDA4MTMxMTk4NzI1MA&google_push=AYg5qPI1H6lLOR0xnY6fluEi4Sb9eH66nlTxtTb_Vy3t_uSklkQUZPBhZSuW8V4NCrnTLDB1ygk9to97obcEA7wPlNxBL95cavrp
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7C6F
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDyrpRqny8TEhp9NxouokiM&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yony9zytm3AI6FafCdYBFgAAAUkAAAAB&google_push=AYg5qPLoOrqjwpP41jByCW1sfyZooFi0YmoUQFfgzQrDAP58M6C67yXaEDcPbDBVuwAZ1aT4vPH1nxztecxPbe4ghJ...

170 B
188 B

51ms
51ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yony9zytm3AI6FafCdYBFgAAAUkAAAAB&google_push=AYg5qPLoOrqjwpP41jByCW1sfyZooFi0YmoUQFfgzQrDAP58M6C67yXaEDcPbDBVuwAZ1aT4vPH1nxztecxPbe4ghJX1r2EPER670A&google_gid=CAESEDyrpRqny8TEhp9NxouokiM&google_cver=1

Requested by

Host: e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com
URL: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 08:23:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 22 May 2022 08:23:19 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yony9zytm3AI6FafCdYBFgAAAUkAAAAB&google_push=AYg5qPLoOrqjwpP41jByCW1sfyZooFi0YmoUQFfgzQrDAP58M6C67yXaEDcPbDBVuwAZ1aT4vPH1nxztecxPbe4ghJX1r2EPER670A&google_gid=CAESEDyrpRqny8TEhp9NxouokiM&google_cver=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 462
Expires: Sun, 22 May 2022 08:23:19 GMT

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 7C6F 0
75 B 304ms
36ms Image
text/plain 185.86.139.94
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEFqy5cbtL29e4VuMftbnP-I&google_cver=1&google_push=AYg5qPK3TZ0qpZZcL21YVf2LR35taHz80Arnt1030JpjHvBPwvGglkLzdyLI2ccPlByS1x40xT-_RFssyCVufjffwAc3nhMAXRtA
Requested by: Host: e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com
URL: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:19 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 7C6F 0
12 B 102ms
65ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IeML0qBEYl0WvwcxiHqQYbmrD0vEq8hgoCN9uwEmCmu1M11Uhs4TqvnqGMVFIkm0cBppiI

Requested by

Host: e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com
URL: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:19 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/5825321732835115008/ Frame D128 92 KB
25 KB 135ms
66ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=asaatrgE7M&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_obb_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ddc95507676c16045fd509f101f5dfe5e57b1c28a5b55cebe9b857deb7f7d49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 22 May 2022 08:23:19 GMT
expires: Mon, 22 May 2023 08:23:19 GMT
last-modified: Wed, 27 Apr 2022 09:23:48 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3E40 0
64 B 92ms
85ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv0r_6uA0dmuvEtzL7fEo1Mle0Sw9Dnr53CCH_LqVjy7Yje1jpv6fJsvDyLVOotLWvurUxX1LtAfwjnwpqMUaE-fse40Dam_MRHL3sh8Cgqe-S6iyrgA0n-Pf8vnWHw8lfoLCpnO011NKDykcSU5NolOS-5ya_26fFiJBwABPAmyFk4xFWslOxpNTqHgH0_fOl5_IGJLnDd4tMNiyAvFCNHbjO0tkzqVV3lzv60B9qz_16gTkWkktDWz2f7fvofbIdHMM-3mzM7nKbQuiEm-lrqS50YWKjCYVyYil8ntso780h9rWcv-dMi0lHo21liYCbXQpRtRyAM4CF4VT1AvZ7piu5YUA1t3IrMpAZ2HQ6NZV0jslCLrmt_Jh3eDut4driOXq-WbHMz1ezRVLB7eEXv9n3CMGnVhhnqw1yAgG7PXjZeC9JUhcpxNsXpwgPExya_bYfROlNwVsd-Ir7IkerKw_OZFzzTirgwNFaLX1B-aIxCv8NUFUqD4jcH_8Y9CmUkmlnkqoiDGbF-zAawsyj4cDURjw1wIUYb-_ZPMqRFODt3f-VMx9DaeLpUGrZGJPV5hTSsIIpibZU3PhpGWPiFCnpp-NawoiVzE2poEoXawuzgZA5Dy-r63UAPYZfajMtGL9pjiHw6rirBivK_i6R-Pji-lOa__u4dW4duwYt6RGJ3XfwiuI3mMxDyPQikjdJWsZxswPdyGFLMM3EfL7qfZmP0BAMPeANEJixjGkJK3m52_SnbUSLpOJfGWo2udKVlLV9jPj4t-i6if6v7d0VMqiZjedlfCAWzzfB1YW7mS4tkdc42Y5lcDeKyhd7m2yaj01aDLOLq9yw_53DqOiufV-h9EouCazfB3gHCEbisnDLNtzuVb0S8YwDfUAZog9Fc_uhsuFA3pWokEHLhlx9-uvTnnSlr5R_DUIED8z9G2GthV6h1ps2f_h-a6hAuhcLMJ3SdoO77apRa1oIdHus6rBZ3HpAFgJfksJFxwsIHPS62lrQjkYF3bfVe8u9VRd3WulkdalFHWJQXmU47-b2bkxXGLeBM6vwXgzjBKbCNvhMzWVblsRqGJbwntTqFS9ATw4WCZ7Hw27PzeEfMmcN_Wte1PM9LgaJ2hPA4bGA_Y6BIV7jNZmBA4Gx2thK5CLyIM37jE3SjqxzOHbFu-E_u6Am6Gdil1j1eKpLpriClO6hnX_qPV8IRG9MsF6fRWlX_c46jWsxNSq58wB4VcHY-xQWD-WYZqwcSOi7U22oTnqtWWk7VENiQxkqQhuWW1Hs-3-7jRYqUPPkFRYMUe_qOuqg4P9cnTOHNJ_2iNF88dWWZ_ZsaShVrx3ZA7cwWBy8vawn4CQ&sai=AMfl-YSwkkDCkMjj6lbm835irE9TVOKYSl2sHPQuQGHb3qGm2i9dxnSXewbHWGTMREyk6zcox_ctYGVzWMELX4vPV6wKoclxcvyiaHsxVSXeT08QztGWaFpdmyapcUFYcrC4J7k6g6OlKHZkqRSCsbuYtvGDKtZOuRaSS-KZ4v3LQotmistIMP0xx2gFJIB1XNscpiWMtRH7ytnCAUpCCvEyOA&sig=Cg0ArKJSzOodMItOpeTLEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=301&cbvp=1&cstd=297&cisv=r20220518.61473&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sun, 22 May 2022 08:23:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 dpixel
cms.quantserve.com/ Frame C7E4 35 B
362 B 45ms
42ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGLi1Zcc4-8gK32VEYeh-w8&google_cver=1&google_push=AYg5qPIPIB1kY5soHfmJH-o0Zt9saEuU870xVbYM5d273pdzonq8sV5AEImsJo_Ta7AIJZKDjYcfbgANXQaMnm1_NKcPUusKZEJrIw

Requested by

Host: e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com
URL: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 08:23:19 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame C7E4 0
104 B 189ms
69ms Image
text/plain 2a02:fa8:8806:20::2010
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEGfUrm1X3FtrNfsgxEqwDrQ&google_cver=1&google_push=AYg5qPJ6aDbYu8QQxWRDRn532DbzxK2TAQgqlx3cXTLstyQFnQpMe2r0oF15AkuEG8kO-5_iIFDjiNIEXjSUGoAf8eQf4QkCEHIR
Requested by: Host: e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com
URL: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 08:23:19 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C7E4
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEMPwwcGW1je3-85tfaS5Z0U&google_cver=1&google_push=AYg5qPI_ztDyMKaXgnIVgEcS3B6SDkikULIJtg4V6WA3es6S9lKrhZWZtERJlZPmV3rm7HNjGYPhfm5XLOl4mu_PdKwIcfzWOK373Q
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=24AC5F5DA5344D0B9E20D36379FE01B7&google_push=AYg5qPI_ztDyMKaXgnIVgEcS3B6SDkikULIJtg4V6WA3es6S9lKrhZWZtERJlZPmV3rm7HNjGYPhfm5XLOl4mu_...

170 B
188 B

53ms
53ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=24AC5F5DA5344D0B9E20D36379FE01B7&google_push=AYg5qPI_ztDyMKaXgnIVgEcS3B6SDkikULIJtg4V6WA3es6S9lKrhZWZtERJlZPmV3rm7HNjGYPhfm5XLOl4mu_PdKwIcfzWOK373Q

Requested by

Host: e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com
URL: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 08:23:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 22 May 2022 08:23:19 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=24AC5F5DA5344D0B9E20D36379FE01B7&google_push=AYg5qPI_ztDyMKaXgnIVgEcS3B6SDkikULIJtg4V6WA3es6S9lKrhZWZtERJlZPmV3rm7HNjGYPhfm5XLOl4mu_PdKwIcfzWOK373Q
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sat, 21 May 2022 08:23:19 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C7E4
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPJe7k314ltiYlxwGLYa0tw&google_cver=1&google_push=AYg5qPKjAo1UaLLnAegzYgTqqCl52jpBWQsbviPI19Nc50bwW9K35jY_YXj2NgkFMzJKAtJvDYrUByTbP-I052pIQ...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPJe7k314ltiYlxwGLYa0tw&google_cver=1&google_push=AYg5qPKjAo1UaLLnAegzYgTqqCl52jpBWQsbviPI19Nc50bwW9K35jY_YXj2NgkFMzJKAtJvDYrUByTbP-I052pIQ...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKjAo1UaLLnAegzYgTqqCl52jpBWQsbviPI19Nc50bwW9K35jY_YXj2NgkFMzJKAtJvDYrUByTbP-I052pIQw8Xt2htuO8w5A&google_hm=Erp3sGZHmj9xCrYMTQ-q...

170 B
188 B

53ms
52ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKjAo1UaLLnAegzYgTqqCl52jpBWQsbviPI19Nc50bwW9K35jY_YXj2NgkFMzJKAtJvDYrUByTbP-I052pIQw8Xt2htuO8w5A&google_hm=Erp3sGZHmj9xCrYMTQ-q2xzt

Requested by

Host: e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com
URL: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 08:23:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 22 May 2022 08:23:19 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKjAo1UaLLnAegzYgTqqCl52jpBWQsbviPI19Nc50bwW9K35jY_YXj2NgkFMzJKAtJvDYrUByTbP-I052pIQw8Xt2htuO8w5A&google_hm=Erp3sGZHmj9xCrYMTQ-q2xzt
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C7E4
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEI34vCK1Wo64jNz5gwMAlx0&google_cver=1&google_push=AYg5qPK17uDZJtdeSRytTvGtDdGHjY9Z3YO5p5Q_a2OGrWqwdsdwwo5B1d1m3aZT6n7wpPO94ESeF8UyPtBElkez...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPK17uDZJtdeSRytTvGtDdGHjY9Z3YO5p5Q_a2OGrWqwdsdwwo5B1d1m3aZT6n7wpPO94ESeF8UyPtBElkezMzFCus8oTghHbw

170 B
188 B

52ms
51ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPK17uDZJtdeSRytTvGtDdGHjY9Z3YO5p5Q_a2OGrWqwdsdwwo5B1d1m3aZT6n7wpPO94ESeF8UyPtBElkezMzFCus8oTghHbw

Requested by

Host: e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com
URL: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 08:23:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 22 May 2022 08:23:19 GMT
via: 1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: DUS51-P1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPK17uDZJtdeSRytTvGtDdGHjY9Z3YO5p5Q_a2OGrWqwdsdwwo5B1d1m3aZT6n7wpPO94ESeF8UyPtBElkezMzFCus8oTghHbw
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: crktuKkzX_j2hvnwDvIq5xkifuAZZZMIcImaHKLrLM4EH2VxqXMdOQ==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C7E4
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESENy3yac3q26PZmn1SL9t4qk&google_cver=1&google_push=AYg5qPJYQrJIMp_xhh_-fqct1C_ycDv8Hvk20FRfZvK62m3jmW7ttduMc_0xBoKz2zce_KBKzH3mHqjxrATU...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPJYQrJIMp_xhh_-fqct1C_ycDv8Hvk20FRfZvK62m3jmW7ttduMc_0xBoKz2zce_KBKzH3mHqjxrATUdVBf99AId3D9Tvc_uQ

170 B
188 B

50ms
49ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPJYQrJIMp_xhh_-fqct1C_ycDv8Hvk20FRfZvK62m3jmW7ttduMc_0xBoKz2zce_KBKzH3mHqjxrATUdVBf99AId3D9Tvc_uQ

Requested by

Host: e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com
URL: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 08:23:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPJYQrJIMp_xhh_-fqct1C_ycDv8Hvk20FRfZvK62m3jmW7ttduMc_0xBoKz2zce_KBKzH3mHqjxrATUdVBf99AId3D9Tvc_uQ
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C7E4
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEFFHCgd1Oc8I3OEwtuyxTak&google_cver=1&google_push=AYg5qPKVgiDGksOgn6pz3VhQRIKOrLJqgdwfsU4kkYI6ooMrmlkFc07cl4Xq_OGRVmvrk9nnfZqVlYkz9w_kcOEbEHCO52...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEFFHCgd1Oc8I3OEwtuyxTak&google_cver=1&google_push=AYg5qPKVgiDGksOgn6pz3VhQRIKOrLJqgdwfsU4kkYI6ooMrmlkFc07cl4Xq_OGRVmvrk9nnfZqVlYkz9w_kcOEb...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TIjr9wOsRxO2FD89I8x8Sg&google_push=AYg5qPKVgiDGksOgn6pz3VhQRIKOrLJqgdwfsU4kkYI6ooMrmlkFc07cl4Xq_OGRVmvrk9nnfZqVlYkz9w_kcOE...

170 B
188 B

54ms
54ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TIjr9wOsRxO2FD89I8x8Sg&google_push=AYg5qPKVgiDGksOgn6pz3VhQRIKOrLJqgdwfsU4kkYI6ooMrmlkFc07cl4Xq_OGRVmvrk9nnfZqVlYkz9w_kcOEbEHCO52wax-O9mQ

Requested by

Host: e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com
URL: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 08:23:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TIjr9wOsRxO2FD89I8x8Sg&google_push=AYg5qPKVgiDGksOgn6pz3VhQRIKOrLJqgdwfsU4kkYI6ooMrmlkFc07cl4Xq_OGRVmvrk9nnfZqVlYkz9w_kcOEbEHCO52wax-O9mQ
date: Sun, 22 May 2022 08:23:19 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C7E4 0
12 B 87ms
62ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J2KfrK_uw-SEQPWXuxwArv2mEat71YXgsbs-Ixf5JSlsc_wPThvZrCN6ydTwwngufgpKVE

Requested by

Host: e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com
URL: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:19 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js Show response
pagead2.googlesyndication.com/bg/ Frame DA3B 35 KB
13 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9caa3698b58479a78692e6303c5353d891066dc64fd2f4a34e14b2882fdb69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 06:10:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13723
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 22 May 2023 06:10:10 GMT

GET
H3 200 6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js Show response
pagead2.googlesyndication.com/bg/ Frame 7126 35 KB
13 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9caa3698b58479a78692e6303c5353d891066dc64fd2f4a34e14b2882fdb69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 06:10:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13723
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 22 May 2023 06:10:10 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A905 3 KB
627 B 50ms
49ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:regular

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=0izlzEfI0k&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

127971f0d7e0ac5bc266c81c7a858e1ecf84e318238f2d36d2aec12dc6b6d211

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 22 May 2022 06:35:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 22 May 2022 08:23:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 22 May 2022 08:23:19 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame A905 118 KB
40 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=0izlzEfI0k&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=0izlzEfI0k&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 21 May 2022 10:16:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79607
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 22 May 2022 10:16:32 GMT

GET
H3 200 gsap_3.0.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame A905 54 KB
22 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.0.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=0izlzEfI0k&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8154aa9057e3367d9d3e4bb1f85db9645c01fc0690091aadc57dbae849ba3499

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=0izlzEfI0k&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22005
x-xss-protection: 0
last-modified: Mon, 11 Nov 2019 18:08:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 22 May 2022 08:23:19 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D128 3 KB
627 B 50ms
49ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:regular

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=asaatrgE7M&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

127971f0d7e0ac5bc266c81c7a858e1ecf84e318238f2d36d2aec12dc6b6d211

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 22 May 2022 06:27:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 22 May 2022 08:23:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 22 May 2022 08:23:19 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame D128 118 KB
40 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=asaatrgE7M&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=asaatrgE7M&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 21 May 2022 10:16:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79607
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 22 May 2022 10:16:32 GMT

GET
H3 200 gsap_3.0.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame D128 54 KB
22 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.0.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=asaatrgE7M&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8154aa9057e3367d9d3e4bb1f85db9645c01fc0690091aadc57dbae849ba3499

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=asaatrgE7M&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22005
x-xss-protection: 0
last-modified: Mon, 11 Nov 2019 18:08:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 22 May 2022 08:23:19 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 76FC 0
26 B 94ms
93ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssFxyDCniVTSa9DufL8P7sXLrgF_VYM_OaYYWOg3i8U7lq3c81Ld5NFcdTkZK89L1pexw40_YlAekmqPIxeSXCdi9TDByGcOZQ2kyNsty767K8oIdum1A4kV-k-kS6LfKAFZTbXQTFckH6meNFEFASHMD38HSXUwsZ25PTTf7lpu9fF7N9gAhHOkDucJ9Vj2V1e4LbkMAuj_xjx2O4DL3_aKALl72xxnPFk7rzl40QNL1n7c6Q_Is1dnPev7tuPWkYC6-9_HWeFT4xHn1ue6SMFvxqs7krtJaeN6l-Q4mbUja4Nsa5SFj3E-zeOSf-V8M_bLp7SHsRGhxNtU0nJ_5CK6w8S5CIzxdF_PsFZD3PQWxUgLHTnCc1iUFfRryUYQrPnsSHgUokRhpjiCmpCXMerMo_VR8LJAlyrsjj1Gbre5ejhjyocPqT9Z6-DCKyp6R0JMT3oiDJy12GW8kTXIMJ10F0r3Zqvw6ujGFJcgd03W5ZQ0Irg0jaKD_jUC497lxQ3vWAcdJHliT_AAYuowWfXdW9hTGLPZP8EvUTyCyIuWzZdqUHeCsgC46uGzxk7YD0ZXSFiJHEGjQXNKazH8AftMdjJK3PqxvQELr7wc1xYgnF4hfCkRl7RITnLWKVhBB5ZVOY9g7-YFBeQFHdoIHPhr3WuoywIPJFvXOgRA_J3XNvnc3lu7CoI4TKAKfSuPIMX0EIbKdf752RorPCIg9ZZfdMPX8WjtO2Q97JENE7wLyPjMCyeKvLO2qh8pxabVWwekfRHF5Ur7mAhVSUyCmeg89Fw7hGkOBgoDvfXEQeYDW2kFkNWHljYVgHslNqvT9XYP5pl4H1PhAsICncgE7unlZxO9OHBm9S4TnKIEbeIkQHzQ7AYoAzyrLFHENIr7j55ZbChlT-P0o_TeGw8A05N-6MWxe9Q7cjUqI7xwmZEeP-sE66FD9Slf2yKCyeupASJPcs4CPuUP3zxp8ud04PW98DaLz55ymgrbWAY7zkeHs3naoaG2l_rz41I-DMPJxRF63dT_NElBaBYf4RJq5boY1IGMA7QQm1H9QZ4HlD8w6HljkHGkz3uMI8gBM_6EEJscDFV1SjY_Ta4aKyy8cXoUTLuOQGA_pFdluUphsuxnRgPqjKux0UvfRqHoYJvJB4WGdi5mdYB2xbAQCah3G_iFL_PfaI80aXDUnQiWbW3PxmIZ3Y6DdBiJHdrrZm7NSswnoHgQy9Wq0oxY7zds-wxIiziU60MYvK7Y2dTANWtjzKic5NxSgEMv0mijFcNew94FYIKdCbtotUikl7QrZWnP5Cgs2nlvkdYSLjl_VXSjnFF2y_Sch9jbLv4Hw&sai=AMfl-YQCIJyC7rGJ5Wd6yXY1tKne_LV9VL-u1i32ORovbLb_cuyuX0Y2wuIuIt69YDkFFXkZnzzLvuiY_xkQJElDra53dasrJDud0YUqjF4pw_37FstesdPvwF_OWbvBbyLWAtG4FtxO4Lgiar3uF23cZCQ1xZP4A9fZMWP3wyyxxzWabHFZHZG30dSY2VqoqdYK2uWvzjwuKaneitwJyDp_SA&sig=Cg0ArKJSzKGJulRfJVLZEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=577&vt=11&dtpt=282&dett=3&cstd=289&cisv=r20220518.86661&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 May 2022 08:23:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 76FC 7 KB
5 KB 52ms
52ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=latest&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_obb_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

512f1cfb5394f75c7f0f2a63a501eb1b46352902ee62ef360de6411026b6eff3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 May 2022 08:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5470
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EA99 42 B
64 B 76ms
76ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvb4bzHFKAetMl_N5ZpfCoCnr_pTJmhe-AFJ4ntIK45s8WSqLZXsw-peH05KTsUYqpUZErcyQEPEdBVfHh6WSRHvW_pPBPqr0TTBEsXXOUykM4nHCmiqCHGqWil&sai=AMfl-YTZzNraWOV3ZYfr6HPL00CJRnBAmXTY0sE-_89z0pHrcz3CpZi1iq41V8LQRPE62nQiNRxnt2Juxm3W&sig=Cg0ArKJSzFjLrYplnYOwEAE&id=lidar2&mcvt=1017&p=0,0,90,728&mtos=1017,1017,1017,1017,1017&tos=1017,0,0,0,0&v=20220518&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=3555305732&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653207798026&rpt=913&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 08:23:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3E40 0
26 B 77ms
77ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv0r_6uA0dmuvEtzL7fEo1Mle0Sw9Dnr53CCH_LqVjy7Yje1jpv6fJsvDyLVOotLWvurUxX1LtAfwjnwpqMUaE-fse40Dam_MRHL3sh8Cgqe-S6iyrgA0n-Pf8vnWHw8lfoLCpnO011NKDykcSU5NolOS-5ya_26fFiJBwABPAmyFk4xFWslOxpNTqHgH0_fOl5_IGJLnDd4tMNiyAvFCNHbjO0tkzqVV3lzv60B9qz_16gTkWkktDWz2f7fvofbIdHMM-3mzM7nKbQuiEm-lrqS50YWKjCYVyYil8ntso780h9rWcv-dMi0lHo21liYCbXQpRtRyAM4CF4VT1AvZ7piu5YUA1t3IrMpAZ2HQ6NZV0jslCLrmt_Jh3eDut4driOXq-WbHMz1ezRVLB7eEXv9n3CMGnVhhnqw1yAgG7PXjZeC9JUhcpxNsXpwgPExya_bYfROlNwVsd-Ir7IkerKw_OZFzzTirgwNFaLX1B-aIxCv8NUFUqD4jcH_8Y9CmUkmlnkqoiDGbF-zAawsyj4cDURjw1wIUYb-_ZPMqRFODt3f-VMx9DaeLpUGrZGJPV5hTSsIIpibZU3PhpGWPiFCnpp-NawoiVzE2poEoXawuzgZA5Dy-r63UAPYZfajMtGL9pjiHw6rirBivK_i6R-Pji-lOa__u4dW4duwYt6RGJ3XfwiuI3mMxDyPQikjdJWsZxswPdyGFLMM3EfL7qfZmP0BAMPeANEJixjGkJK3m52_SnbUSLpOJfGWo2udKVlLV9jPj4t-i6if6v7d0VMqiZjedlfCAWzzfB1YW7mS4tkdc42Y5lcDeKyhd7m2yaj01aDLOLq9yw_53DqOiufV-h9EouCazfB3gHCEbisnDLNtzuVb0S8YwDfUAZog9Fc_uhsuFA3pWokEHLhlx9-uvTnnSlr5R_DUIED8z9G2GthV6h1ps2f_h-a6hAuhcLMJ3SdoO77apRa1oIdHus6rBZ3HpAFgJfksJFxwsIHPS62lrQjkYF3bfVe8u9VRd3WulkdalFHWJQXmU47-b2bkxXGLeBM6vwXgzjBKbCNvhMzWVblsRqGJbwntTqFS9ATw4WCZ7Hw27PzeEfMmcN_Wte1PM9LgaJ2hPA4bGA_Y6BIV7jNZmBA4Gx2thK5CLyIM37jE3SjqxzOHbFu-E_u6Am6Gdil1j1eKpLpriClO6hnX_qPV8IRG9MsF6fRWlX_c46jWsxNSq58wB4VcHY-xQWD-WYZqwcSOi7U22oTnqtWWk7VENiQxkqQhuWW1Hs-3-7jRYqUPPkFRYMUe_qOuqg4P9cnTOHNJ_2iNF88dWWZ_ZsaShVrx3ZA7cwWBy8vawn4CQ&sai=AMfl-YSwkkDCkMjj6lbm835irE9TVOKYSl2sHPQuQGHb3qGm2i9dxnSXewbHWGTMREyk6zcox_ctYGVzWMELX4vPV6wKoclxcvyiaHsxVSXeT08QztGWaFpdmyapcUFYcrC4J7k6g6OlKHZkqRSCsbuYtvGDKtZOuRaSS-KZ4v3LQotmistIMP0xx2gFJIB1XNscpiWMtRH7ytnCAUpCCvEyOA&sig=Cg0ArKJSzOodMItOpeTLEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=626&vt=11&dtpt=325&dett=3&cstd=297&cisv=r20220518.61473&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 May 2022 08:23:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3E40 7 KB
5 KB 52ms
52ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=latest&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_obb_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bee576c385b6ae91fea4aa46c1ee5fe03d1040f22a418d66d91595a94abdc5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 May 2022 08:23:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5544
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 76FC 17 KB
6 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_obb_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 22 May 2022 08:23:20 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A905 7 KB
5 KB 55ms
54ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

97994466e114351598443f672961354e84dd21bffdfee1565bfec280a88dc80e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 May 2022 08:23:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5545
x-xss-protection: 0

GET
H3 200 prod_studio_01_247_configurablemodule.js Show response
s0.2mdn.net/879366/ Frame A905 31 KB
10 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/prod_studio_01_247_configurablemodule.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8460aaf36b73e229c6b0fcaf7bac791e23c3145e87de6a04d0d91541e39289b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=0izlzEfI0k&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 21 May 2022 09:34:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82130
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10616
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 22 May 2022 09:34:30 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DA3B 0
28 B 76ms
76ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BzBi79_KJYsnVC42a-gbp3LvYAwAAAAA4AeAEAg&bg=!HB-lH1vNAAZ4vKt9WLw7ACkAdvg8WnLZDWBgPp03DiDnyqWvSQL8pjs14cdKr5laftvYX93Ol16XXgIAAADfUgAAAAFoAQcKAJPfCnj-mkng38vb0vCmkuLrR9w7_Lik0ulQOjm51sEg18D-hL1ngtmnbO5VqrqQuumsDmkYIgmiM9Xd7y9xJTE1VYnST6zkG2dnzHBYdu-qP0Jg93RDiHn3GD82Euf85aRs6ZKQCY9Pbt6TKK-JHdc-huBniaDO7PDHCiyFXN3DsIlC7jKiS5HtUvtL-vNMFsn5hZiZAuKlT_4OxhF65S36crAkPd7gkBYMQFZMlvtY3YLaAYpm6rs9mXRaJu1ULB0KZq6-NE8F3DQeC40V9uZYmoewQLflqmovaWUPL5M7PhdQE343WALc4AX16J9THQ6aQous3wm6GLEYvfkHd1hVDTDxMAbcvPhzRLdBfHJJENaQEPzt3e9tVtZoELxjIwnGQPK8aYaGeOTi1q9Uu2va36STyoNFr2RbkTk2rvTShCWUW9J_jIwGM2QHe0mgD6S7HRXpxo25K27aP3qx60E5WtF66KBi_WM5yaAd5q9n5w9hFzaquYPoecvwkxcY9JDj_uW-09BCRCq34WfUeK0YOkF1DE9uNYYl0nmyX5aUY34QqY10r9vgujpEynyisi7euhlY-Js3kJZhrngUgiIpXQqjoF6pDsQ5L-iZlgI8KoY52gwvTHOve0rn7hUesAi5VoGsqQX9N3Pi7_7yPehmqpSIZNmsMG-Q2Gjq77yGmnb8i9yflaszYInbu06BnBihh2S8pBsKkQ0oVK37ub6nNtiQxXe7Ke2sO8b7wmRk6_06s4KC_hqNBiXwYgO6YKubVg7eS4hheWAtKGvFhCMjoeSpmzkcnnTvZbuC1kifmeNXbjL6TeDNI9AdujJlzFncoRSw-2RMI4AIvgdXcKEzgUpyh_4Q421pHVr51Y63XT4yIfu252D0xlVTSMPk02WqHKnRXEoWA837eBqTYastgGpkKrx6V2jZia4z5WcWrBk3R1meArfRVgsZNJzK4H80P5hkLVeVFYOo1n8pjcb28wKRXHXl_TbAJp5iVhlOeUqsfcUnQb7Mt7K3zlLk_8rNeNKFrJEXOPNrHres2Mu_SUDGCM6W20eyK2fXrHmThnSRfOIYZzjziobHl5sdr-iC-YFYqF21-8CBSj4UH7B1hJqxYO1oM_2BspEeTQkAImy10C4lMqfwmhyp43hL36e6z197bQU-ct-mfn7l98xAPHLT7c-8XCw

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 08:23:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D128 7 KB
5 KB 53ms
53ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6baee24e70d3b8e5985ce7a3c4fb4a618bfde6b50b1647a07fee3bac86fb5530

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 May 2022 08:23:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0

GET
H3 200 prod_studio_01_247_configurablemodule.js Show response
s0.2mdn.net/879366/ Frame D128 31 KB
10 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/prod_studio_01_247_configurablemodule.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8460aaf36b73e229c6b0fcaf7bac791e23c3145e87de6a04d0d91541e39289b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=asaatrgE7M&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 21 May 2022 09:34:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82130
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10616
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 22 May 2022 09:34:30 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3E40 17 KB
6 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_obb_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 22 May 2022 08:23:20 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7126 0
28 B 76ms
75ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BVgeG9_KJYsqkDNj43gP-v7KgCAAAAAA4AeAEAg&bg=!OTqlOn7NAAZ4vKt9WLw7ACkAdvg8WtdGjYCksrMUXA7zdYmfnQNmSBg4pGf9--fZGKqEX5OZJU3qZQIAAADfUgAAAAFoAQcKAJx62jTQmQzzNvKrVnd7ilWIV1oyGVS5Nng2n8xtXd3HtdAug18pf5UIwZ6oy--WHWbnvVqzQu6hRaZvB7M4Ts9JV7qPL8emrUJrwuHBwaAL_PJzyAOXvxpSGKiQa4qXtXTltBJ8Nb4-n1cVLhnNoIVq-XDB6ov97n24WMCf2PGg3dLHYZHWbRP6QOte5f0Lnm6C1iC-jfACuPzQfFOZAujXzh3ZmyQdiRB0xHsqUJED8OaWcFIXdvA3X4_hWv01ROn6hNjMkP02n_gLUgkq4ZE6fKMvcjryQAHRRvJf4ZbDi8nIaSGDee542rmEpaEaI7LT1cCrlZ1CNPzLVDrykmEDwixgM_TDiLdsGrHccJ7RUxnhQ9X6JwoUAJ8BzUzUvwJPk3id-US3SbkcF5BiNiS13Rhwimz024oXmidkL5O__z-qomTJk0obyQG5DJPTmMm7bHuGvJgAlYLVC5GbEZ3kNoy36VKXfLM5cM2daasUNX-Zs8upZOTE5MsDkKhM5XI-Qht9n4-GqrrrCFeu5Oty_o1ah8cF1Da_K_fgCHC10neuJAlyY-us2oLW9UHLiczyB-aiJMBKhhucIANFufc7kDIPHx03ZXvILnXmN3W3XkXFYP-Jf7sfq1SJfqeQIBzZP3NGBK5Iql9mVWgCAqyqG7Lb-nx7vox1SzV2tYwu9q9DBu7qpV5d35znXFie9Xh4zqbjuofuXy2nbF9OvEdZEZhH7sdEqS7INzHJn61DLgwi2TNUO3afZeEvzFrS38UboFuYEyyHSAm3Z7lD2IvRK4NFPxUYygZlyCsp1QK6aL5XulE2NcqPpfaKWAUfG2EEnyOuF15wfEyn0-fYWnicExqL4SSWN7cHJipbW0wpQ-4ps7ROfRbaJn7bOEHK39LnMiQjuntS_0o_O8FCohULCw53A2DaMxJa2PpTlTfPODQ139coWbJLifwbZID7edu8whgay9nNu__Q0FlQ_xHTnkNcwwaKLXybzx56j3feOzTBbCs4B1m-Qa_Xf-koU21hw1wRycLQUhNKnp9vsX0AjxTPFIVKdUB9oBnP0OpA2V8e7dzBn6PZSqkm-HSrJ7d9K3ZfUxxEJONSI0jmZAqk8PyHMmPJ_A8eYI2YgfumEVjLTMQgRHbLthdlPNCNOorZQGpzmzuuQIDsRB7UGc_xvr4ImptAvL7VGWKDsuE0lePNpkuyZNo

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 08:23:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js Show response
pagead2.googlesyndication.com/bg/ Frame B96C 35 KB
13 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9caa3698b58479a78692e6303c5353d891066dc64fd2f4a34e14b2882fdb69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 06:10:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13723
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 22 May 2023 06:10:10 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A905 17 KB
6 KB 67ms
67ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 22 May 2022 08:23:20 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D128 17 KB
6 KB 93ms
93ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 22 May 2022 08:23:20 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/5825321732835115008/ Frame A905 2 KB
1 KB 42ms
41ms Image
image/svg+xml 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5825321732835115008/logo.svg

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0fe0dabaf5e69e88b98234e97cdd6b5dd26560b787c051167a3e9eddfbc284c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=0izlzEfI0k&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 19 May 2022 22:00:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 210160
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1030
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 09:23:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 May 2023 22:00:40 GMT

GET
DATA 200
OK truncated
/ Frame A905 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 5504455106866337738
s0.2mdn.net/simgad/ Frame A905 335 KB
335 KB 43ms
43ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/5504455106866337738

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a53b43c2db6958709beba3422c26397024b82297c3dcafde869862887a5f1d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=0izlzEfI0k&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 19 May 2022 22:04:54 GMT
x-content-type-options: nosniff
age: 209906
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342890
x-xss-protection: 0
last-modified: Thu, 28 Apr 2022 11:21:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 May 2023 22:04:54 GMT

GET
H3 200 6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js Show response
pagead2.googlesyndication.com/bg/ Frame 5677 35 KB
13 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9caa3698b58479a78692e6303c5353d891066dc64fd2f4a34e14b2882fdb69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 06:10:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13723
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 22 May 2023 06:10:10 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/5825321732835115008/ Frame D128 2 KB
1 KB 48ms
47ms Image
image/svg+xml 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5825321732835115008/logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=asaatrgE7M&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0fe0dabaf5e69e88b98234e97cdd6b5dd26560b787c051167a3e9eddfbc284c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=asaatrgE7M&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 19 May 2022 22:00:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 210160
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1030
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 09:23:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 May 2023 22:00:40 GMT

GET
DATA 200
OK truncated
/ Frame D128 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 5504455106866337738
s0.2mdn.net/simgad/ Frame D128 335 KB
335 KB 48ms
48ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/5504455106866337738

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=asaatrgE7M&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a53b43c2db6958709beba3422c26397024b82297c3dcafde869862887a5f1d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=asaatrgE7M&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 19 May 2022 22:04:54 GMT
x-content-type-options: nosniff
age: 209906
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342890
x-xss-protection: 0
last-modified: Thu, 28 Apr 2022 11:21:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 May 2023 22:04:54 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/5825321732835115008/ Frame A905 2 KB
1 KB 42ms
41ms Image
image/svg+xml 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5825321732835115008/logo.svg

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0fe0dabaf5e69e88b98234e97cdd6b5dd26560b787c051167a3e9eddfbc284c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=0izlzEfI0k&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 19 May 2022 22:00:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 210160
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1030
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 09:23:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 May 2023 22:00:40 GMT

GET
H3 200 6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js Show response
pagead2.googlesyndication.com/bg/ Frame AEC8 35 KB
13 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9caa3698b58479a78692e6303c5353d891066dc64fd2f4a34e14b2882fdb69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 06:10:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13723
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 22 May 2023 06:10:10 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/5825321732835115008/ Frame D128 2 KB
1 KB 41ms
41ms Image
image/svg+xml 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5825321732835115008/logo.svg

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0fe0dabaf5e69e88b98234e97cdd6b5dd26560b787c051167a3e9eddfbc284c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=asaatrgE7M&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 19 May 2022 22:00:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 210160
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1030
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 09:23:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 May 2023 22:00:40 GMT

GET
H3 200 6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js Show response
pagead2.googlesyndication.com/bg/ Frame 0D39 35 KB
13 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9caa3698b58479a78692e6303c5353d891066dc64fd2f4a34e14b2882fdb69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 06:10:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13723
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 22 May 2023 06:10:10 GMT

GET
H3 200 5504455106866337738
s0.2mdn.net/simgad/ Frame A905 335 KB
335 KB 41ms
40ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/5504455106866337738

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a53b43c2db6958709beba3422c26397024b82297c3dcafde869862887a5f1d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=0izlzEfI0k&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 19 May 2022 22:04:54 GMT
x-content-type-options: nosniff
age: 209906
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342890
x-xss-protection: 0
last-modified: Thu, 28 Apr 2022 11:21:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 May 2023 22:04:54 GMT

GET
H3 200 5504455106866337738
s0.2mdn.net/simgad/ Frame D128 335 KB
335 KB 41ms
40ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/5504455106866337738

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a53b43c2db6958709beba3422c26397024b82297c3dcafde869862887a5f1d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=asaatrgE7M&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 19 May 2022 22:04:54 GMT
x-content-type-options: nosniff
age: 209906
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342890
x-xss-protection: 0
last-modified: Thu, 28 Apr 2022 11:21:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 May 2023 22:04:54 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AC94 42 B
64 B 77ms
77ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsubYCeO2PNMeUD9MpeTL-YOG5CT6TJQbMxEday4Gn5pvphyJ5Yx3RVojMBakpJykV118ETvc6MvuZIG70mYdA8cXqk5A7oraPN9iMdgsWDosBg4pebsnTVDV8uO&sai=AMfl-YRm-Gwgq0goZvsJ7cQRrEta-8ADhzRzlRcIBeQGQlgqJwTbX2zAzX7_naYyf-yTzBTqBcj12JkoiAUp&sig=Cg0ArKJSzHHnbxsNXdnHEAE&id=lidar2&mcvt=1036&p=0,0,600,300&mtos=1036,1036,1036,1036,1036&tos=1036,0,0,0,0&v=20220518&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2236407440&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653207798067&rpt=1213&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 08:23:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ads
googleads.g.doubleclick.net/pagead/ Frame 829B 0
0

GET page.php
web.facebook.com/v3.2/plugins/ Frame C0A1 0
0

GET /
exchange.informer.ua/informer/stat/ Frame D799 0
0

GET /
exchange.informer.ua/informer/stat/ Frame 63EF 0
0

GET /
exchange.informer.ua/informer/stat/ Frame 5CE2 0
0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 57ms
56ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220518&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4b4ea436abf417bf0da46268d4e33a57f7b3377dfc474bb77b0b6296a027565

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 May 2022 08:23:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10617
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 22 May 2022 08:23:20 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B9E3 13 KB
5 KB 42ms
41ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 4274
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 22 May 2022 07:12:06 GMT
expires: Mon, 22 May 2023 07:12:06 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C24C 783 B
534 B 50ms
49ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c9bd07079b3ee7453f21b0c25d9a343849a22adb127982812f97064bdf9b97a4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qzasy89UOpp7a0UfAdVofw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-qzasy89UOpp7a0UfAdVofw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 22 May 2022 08:23:20 GMT
expires: Sun, 22 May 2022 08:23:20 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js Show response
pagead2.googlesyndication.com/bg/ Frame B9E3 35 KB
13 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9caa3698b58479a78692e6303c5353d891066dc64fd2f4a34e14b2882fdb69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 06:10:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13723
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 22 May 2023 06:10:10 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3E40 42 B
64 B 82ms
82ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss0-YxVzGphmSV53VbIFsVlE8VScHdjJQU7S93LOmfFYBmaYcp8qwKNMnxP-fL5Os6YuF3SOZjTNy-4i-u7J7cY3NuAemfcQCZG_vVgSTWC6RsUHnApajdjz0vD&sai=AMfl-YSfLKe7C_VmVcahqOafzTGBVDQ6Oc0gwDXWx9j4m_s5KEw5raUtOSiwBaaAccS3qusQcKfjWGst3hRA_vONTXcpvUH4Gbkd2KgxKqrSaAEDMcs4E9Zp7WGTER8&sig=Cg0ArKJSzBdLLD0TUAO1EAE&cid=CAASJORoqzV4CQ_MgMVeN5nomgd-IpPt_QH1aR9nFzopnv3nzRSuNA&id=lidar2&mcvt=1008&p=950,0,1200,300&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20220518&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1369039488&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653207799073&rpt=446&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 08:23:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C24C 0
0 81ms
80ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220518&jk=2859785435953071&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B9E3 0
9 B 41ms
40ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?9MmAPg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:23:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 91ms
91ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220518&jk=2859785435953071&bg=!o6CloOTNAAZ4vKt9WLw7ACkAdvg8WtvHJLU_WeUDl8DRnM-aexo6dI1Pe2WrTn6A7ad-pr_0zkmUZgIAAACtUgAAAARoAQeZArFthX6GUr648dcwhaXFKe4JwQqT67cfO_vaYb1PGamAJ_xL-IC9246hg8e7H_GqwcUI3hMoxvXgaLiMWL61mSsJhWTCx5PInME7eykbPK6ENb7RVVhjGQr2brRacW-sF3FsbXoR3aStfA9l89xVYEpAWuxEOKOKAByI6K6WfNRu9c86-T_HpDIf84kquOiGI75Ac2xYeF072o33hDjUdj2smzneCZEN4OFYs5Aq0H-hMKZ5N4l3NeImKF7yLvqLTXELiQP_F-ub6bYJkNXGZ6Q9aWmVsbTVPv2VDZPQCaXtbD7EBBVWBYH9qrwMQieF-G8dLqG5vhyEaqQbbYIcTnbHtxr0wrSGufFWtQwOCUVlkZuypeONHcf-MDr7tjPH9ImWdUHCPhoQ40HvgTzicw7GYjhjgsaRwUU_JmBZR2xB85s3Sykw0gUeCf7hTtCzBPVEWSoU5ZT_HT-DYwItKNjlggFa3233bx9Cv4EA8xoJ_p4p8u82F5NEycj0WSe-NPIMhK7TxFLvZmPCNqOt479AI4N22mSilqVoYbSfqgnnXvp2a8w77xJcc68Nzo5bhY0SjMjSmA518hzYbwPEGsn4SITvDINAAg46uHIzBFvbVpFETS7FYuHwOqLelv7vkEVCqi6rOKUiVGEUJ7ZlvsG4WewUTvM78_XAKV6dgJPVmshzCsWUIoBzyPjY3_sj4js_Nx6bQjfivoceU2JbXcRTzRwT6gCDFplfILyvcTbEoOF6sx3cqcxRvAUnQnlX9acIt09peccR3vun3dnS0eFZ9U-P1nXbiU4LUcobEeffUruJ1YaTX7MbT2BE0lZLZgPEm5y9o-trkbOVYM2Br5_jcxSUwnZLn74tP8Jq0QhpIGsItoU-7LRnf-g2b_aZBqWtdPICK0_9xhUjXKYJc4eOfQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 134C 42 B
72 B 82ms
81ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvJlx6CEj2Vn4VJZpjZbO4xq_WkKQbqqogp-z52DSSYZxSFHMFw6zKeEduhF7sHxV5r2_Wsv0klRK41oXuSD2lwc0VB9oLThQHn77dEKWNaAFq5zXYpE8XGddUk&sai=AMfl-YRTyTI7aGE5bmfEINIS5vsSED6vfOuViPS2n0Agu1xmPiPYmogzsnQP7l-0LCJofFQ7WA0kRhj3w0h2YV3BfR4jljzFhPRg-KalEQgxEe_d22JqRnwy04zZr5sa0Lk&sig=Cg0ArKJSzAjPQM4uWfSlEAE&cid=CAASF-RoHQClc7MfXiK30uqb8fF7uFOQJ19k&id=ampim&o=300,950&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=5079&tls=6194&g=51.33854150772095&h=100&tt=6194&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=3265072390

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 08:23:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona

Domain: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=smak

Domain: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=1979561508&adk=2236407440&adf=59350530&pi=t.ma~as.1979561508&w=300&lmt=1653207798&psa=0&format=300x600&url=https%3A%2F%2Fkolobok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653207797452&bpp=1&bdt=666&idt=609&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1405577575837&frm=20&pv=1&ga_vid=1093733952.1653207797&ga_sid=1653207798&ga_hid=476014890&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=363&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792&oid=2&pvsid=2859785435953071&pem=858&tmod=553788700&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=FGIZVajpKH&p=https%3A//kolobok.ua&dtd=614

Domain: web.facebook.com
URL: https://web.facebook.com/v3.2/plugins/page.php?adapt_container_width=true&app_id=202832543530482&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df36dd93feff728%26domain%3Dkolobok.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkolobok.ua%252Ff2ae60309ab034c%26relation%3Dparent.parent&container_width=300&height=345&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fkolobok.ua.group%2F&locale=uk_UA&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=300

Domain: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona

Domain: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=smak

Domain: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona

Verdicts & Comments Add Verdict or Comment

195 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

79 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
kolobok.ua/	1969-12-31 23:59:59	Name: _csrf Value: 716b6f40b847c2e82d204bb168b92cbb5b27e2c6d5000cd1c2ce23a7be7e78c9a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%2206JvbVlsh_T5mTubaDHfVRpCcbTTvJf3%22%3B%7D
kolobok.ua/	1969-12-31 23:59:59	Name: b Value: b
kolobok.ua/	1969-12-31 23:59:59	Name: Value: store.test
.cdn.umh.ua/	1970-01-24 12:24:18	Name: AU Value: ca3d76db6ee6a08e
.kolobok.ua/	1970-01-20 20:44:39	Name: _ga Value: GA1.2.1093733952.1653207797
.kolobok.ua/	1970-01-20 03:14:54	Name: _gid Value: GA1.2.1211622103.1653207797
.kolobok.ua/	1970-01-20 03:13:27	Name: _gat Value: 1
.kolobok.ua/	1970-01-20 12:42:15	Name: __gfp_64b Value: BpYcFfv8Rrl3kucHbStotZoWG5TChFdjHBA7yK323dj.L7\|1653207797
ad.mox.tv/	1970-01-23 18:49:27	Name: moxuuid Value: 39ad68b6-4907-4603-8bbc-df4a35efd1ab
ad.mox.tv/	1970-01-20 03:14:54	Name: _mwayss_zone_imp[1566][count] Value: 0
ad.mox.tv/	1970-01-20 03:14:54	Name: _mwayss_zone_imp[1566][frequencyPeriodEnd] Value: 1653294197
ad.mox.tv/	1970-01-20 03:14:54	Name: _mwayss_imp[15343][count] Value: 0
ad.mox.tv/	1970-01-20 03:14:54	Name: _mwayss_imp[15343][frequencyPeriodEnd] Value: 1653294197
ad.mox.tv/	1970-01-20 03:14:54	Name: _mwayss_camp_imp[4843][count] Value: 0
ad.mox.tv/	1970-01-20 03:14:54	Name: _mwayss_camp_imp[4843][frequencyPeriodEnd] Value: 1653294197
ad.mox.tv/	1970-01-20 03:14:54	Name: _mwayss_imp[15262][count] Value: 0
ad.mox.tv/	1970-01-20 03:14:54	Name: _mwayss_imp[15262][frequencyPeriodEnd] Value: 1653294197
ad.mox.tv/	1970-01-20 03:14:54	Name: _mwayss_camp_imp[4421][count] Value: 0
ad.mox.tv/	1970-01-20 03:14:54	Name: _mwayss_camp_imp[4421][frequencyPeriodEnd] Value: 1653294197
ad.mox.tv/	1970-01-20 03:14:54	Name: _mwayss_imp[15189][count] Value: 0
ad.mox.tv/	1970-01-20 03:14:54	Name: _mwayss_imp[15189][frequencyPeriodEnd] Value: 1653294197
ad.mox.tv/	1970-01-20 03:14:54	Name: _mwayss_camp_imp[3964][count] Value: 0
ad.mox.tv/	1970-01-20 03:14:54	Name: _mwayss_camp_imp[3964][frequencyPeriodEnd] Value: 1653294197
ad.mox.tv/	1970-01-20 03:14:54	Name: _mwayss_imp[15239][count] Value: 0
ad.mox.tv/	1970-01-20 03:14:54	Name: _mwayss_imp[15239][frequencyPeriodEnd] Value: 1653294197
ad.mox.tv/	1970-01-20 03:14:54	Name: _mwayss_camp_imp[1949][count] Value: 0
ad.mox.tv/	1970-01-20 03:14:54	Name: _mwayss_camp_imp[1949][frequencyPeriodEnd] Value: 1653294197
.facebook.com/	1970-01-20 05:23:03	Name: fr Value: 0N74Ym04QWs89pKEO..BiifL1...1.0.BiifL1.
kolobok.ua/	1970-01-20 12:43:42	Name: __atuvc Value: 1%7C21
kolobok.ua/	1970-01-20 03:13:29	Name: __atuvs Value: 6289f2f5115d8fbc000
.hit.gemius.pl/	1970-01-20 03:23:32	Name: Gtest Value: KlSIOMaGQMGGPXipuvFhrTMissGMXP8c25nSG6A1o1DWXBG.
.quantserve.com/	1970-01-20 12:43:42	Name: mc Value: 6289f2f6-054fa-02c25-9a063
.hit.gemius.pl/	1970-01-20 12:42:15	Name: Gdyn Value: KlG_OMGGQMGGPXipuvFhrTMissGMZ19oL6nxmG7BxRPtw6aiGsRPtP7iGKGGqrpRgGb8EoG2GxGK4Fl_RFyGsG..
.addthis.com/	1970-01-20 12:43:42	Name: uvc Value: 1%7C21
.admixer.net/	1970-01-20 05:23:03	Name: am-uid Value: 7ccfe4cbc7f54598925dfd5c70fa54c9
.addthis.com/	1970-01-20 12:43:42	Name: loc Value: MDAwMDBFVUdCMDAyMzE0MTc4NzA0NTAwMDBDSA==
kolobok.ua/	1970-01-20 03:23:32	Name: am-uid Value: 7ccfe4cbc7f54598925dfd5c70fa54c9
kolobok.ua/	1970-01-25 07:39:25	Name: cbtYmTName Value: 8onQm5bQyNDBwcKTlMfDl5fKlsuUwsTG0I/p
.bidswitch.net/	1970-01-20 11:59:03	Name: tuuid Value: 59d1f829-8fe7-4e07-8b1b-6d1fc3d74214
.bidswitch.net/	1970-01-20 11:59:03	Name: c Value: 1653207798
.bidswitch.net/	1970-01-20 11:59:03	Name: tuuid_lu Value: 1653207798
loadercdn.net/	1970-01-23 18:49:27	Name: vui Value: 98350a6b3df0447d9146d378d0fa257a
.kolobok.ua/	1970-01-20 12:35:03	Name: __gads Value: ID=23cf48df19e84f70:T=1653207798:S=ALNI_Mb7AjjL4tLVInIb4wyooS3L3ufing
.doubleclick.net/	1970-01-20 12:35:03	Name: IDE Value: AHWqTUmO_ogTQo0CmYvScVNFeMbO9OtYfarSv_0mLc8PdOuaxNKVWANfoxDKWVrTTUE
.doubleclick.net/	1970-01-20 03:13:31	Name: DSID Value: NO_DATA
.mathtag.com/	1970-01-20 12:39:22	Name: uuid Value: aae46289-f2f6-4000-b79c-fe21c678649d
ad.mox.tv/	1970-01-20 11:59:03	Name: bdswtch_sync Value: 59d1f829-8fe7-4e07-8b1b-6d1fc3d74214
.adnxs.com/	1970-01-20 05:23:03	Name: uuid2 Value: 1604810911534507097
.casalemedia.com/	1970-01-20 05:23:03	Name: CMPS Value: 710
.adnxs.com/	1970-01-20 05:23:03	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In@tdF7f!]tbPl1M>e)ZlrFUfJ+tGXxpSb=hL!>2T5]VrI=ZE:[CZ>Mt(-b#s)@gKZV=3If)y3KL9D3I?+cA?QgV
ad.mediawayss.com/	1970-01-20 11:59:03	Name: bdswtch_sync Value: 59d1f829-8fe7-4e07-8b1b-6d1fc3d74214
ad.mediawayss.com/	1970-01-23 18:49:27	Name: moxuuid Value: 39ad68b6-4907-4603-8bbc-df4a35efd1ab
.casalemedia.com/	1970-01-20 11:59:03	Name: CMID Value: Yony9zytm3AI6FafCdYBFgAA
.casalemedia.com/	1970-01-20 05:23:03	Name: CMPRO Value: 329
.casalemedia.com/	1970-01-20 03:14:54	Name: CMST Value: Yony92KJ8vcA
.casalemedia.com/	1970-01-20 11:59:03	Name: CMRUM3 Value: 2d6289f2f72760CAESEODJ4vud8urIpJrKau64KW8
.bidswitch.net/	1970-01-20 03:13:28	Name: google_push Value: AYg5qPIy31tUYrN5ESJoFqU4Lwz6i8d87-scjWCOL32sWF3oYZ_JDewqXNpMRIg88AThJ5893r-1pZRrXvAvJm-craWoBk_Tocm83w
.quantserve.com/	1970-01-20 05:23:03	Name: d Value: ECcBCQGZJoEA
ad.outstream.today/	1970-01-20 11:59:03	Name: bdswtch_sync Value: 59d1f829-8fe7-4e07-8b1b-6d1fc3d74214
ad.outstream.today/	1970-01-23 18:49:27	Name: moxuuid Value: 39ad68b6-4907-4603-8bbc-df4a35efd1ab
.travelaudience.com/	1970-01-20 12:43:42	Name: _tracker Value: %7B%22UUID%22%3A%22CD068591-3CB5-4662-AD70-8ABCBFEF29B8%22%7D
.lijit.com/	1970-01-20 11:59:03	Name: ljt_reader Value: Erp3sGZHmj9xCrYMTQ-q2xzt
.simpli.fi/	1970-01-20 12:00:30	Name: suid Value: 24AC5F5DA5344D0B9E20D36379FE01B7
.adform.net/	1970-01-20 03:58:06	Name: C Value: 1
.360yield.com/	1970-01-20 05:23:03	Name: tuuid Value: 4c88ebf7-03ac-4713-b614-3f3d23cc7c4a
.360yield.com/	1970-01-20 05:23:03	Name: tuuid_lu Value: 1653207799
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 20:45:21	Name: bcookie Value: "v=2&a6e00f83-0202-4113-83cc-b6d468c21946"
.linkedin.com/	1970-01-20 20:37:54	Name: li_gc Value: MTswOzE2NTMyMDc3OTk7MjswMjG9S4Cbn/fRE+h+AR+OPqfQVyx7V8I2DZsaMxdT+p+8vw==
.linkedin.com/	1970-01-20 03:14:54	Name: lidc Value: "b=VGST00:s=V:r=V:a=V:p=V:g=2714:u=1:x=1:i=1653207799:t=1653294199:v=2:sig=AQEdw266P6JJaztNzS6WRKhmF1_7Bz7S"
.adform.net/	1970-01-20 04:39:51	Name: uid Value: 8285064081311987250
ad.adopx.net/	1970-01-20 11:59:03	Name: bdswtch_sync Value: 59d1f829-8fe7-4e07-8b1b-6d1fc3d74214
ad.adopx.net/	1970-01-23 18:49:27	Name: moxuuid Value: 39ad68b6-4907-4603-8bbc-df4a35efd1ab
ad.invamia.com/	1970-01-20 11:59:03	Name: bdswtch_sync Value: 59d1f829-8fe7-4e07-8b1b-6d1fc3d74214
ad.invamia.com/	1970-01-23 18:49:27	Name: moxuuid Value: 39ad68b6-4907-4603-8bbc-df4a35efd1ab
ad.vidverto.io/	1970-01-20 11:59:03	Name: bdswtch_sync Value: 59d1f829-8fe7-4e07-8b1b-6d1fc3d74214
ad.vidverto.io/	1970-01-23 18:49:27	Name: moxuuid Value: 39ad68b6-4907-4603-8bbc-df4a35efd1ab
ad.vidver.to/	1970-01-20 11:59:03	Name: bdswtch_sync Value: 59d1f829-8fe7-4e07-8b1b-6d1fc3d74214
ad.vidver.to/	1970-01-23 18:49:27	Name: moxuuid Value: 39ad68b6-4907-4603-8bbc-df4a35efd1ab

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://kolobok.ua/(Line 1733) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.bigmir.net/?o1&v16945258&s16946721&t0&c1&n60941&w0&y0&d24&r1600, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://kolobok.ua/(Line 1733) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.bigmir.net/?o1&v16945258&s16946721&t0&c1&n60941&w0&y0&d24&r1600, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1566&height=300&width=400&tld=kolobok.ua&ctype=div Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network	error	URL: https://h.holder.com.ua/s?ta&bholder_300x100_6255&c1&r15864751&dholder1584315929&hhttps%3A//kolobok.ua/ Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://h.holder.com.ua/s?ta&bholder_300x50_6256&c1&r15864751&dholder1466079092&hhttps%3A//kolobok.ua/ Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
other	warning	URL: https://cdn.ampproject.org/rtv/012204292129000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.adopx.net
ad.invamia.com
ad.mediawayss.com
ad.mox.tv
ad.outstream.today
ad.vidver.to
ad.vidverto.io
ads.travelaudience.com
adservice.google.co.uk
adservice.google.com
ap.lijit.com
api.phnx.click
bgstats.mox.tv
c.bigmir.net
c1.adform.net
cdn.admixer.net
cdn.ampproject.org
cdn.jsdelivr.net
cdn.syndication.twimg.com
cdn.umh.ua
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
dclk-match.dotomi.com
dsum-sec.casalemedia.com
e084094a14f777e3094369dfce24f306.safeframe.googlesyndication.com
exchange.informer.ua
fonts.googleapis.com
fonts.gstatic.com
gaua.hit.gemius.pl
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
h.holder.com.ua
i.bigmir.net
i.holder.com.ua
ib.adnxs.com
inv-nets.admixer.net
kolobok.ua
loadercdn.net
ls.hit.gemius.pl
m.addthis.com
match.360yield.com
maxcdn.bootstrapcdn.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbs.twimg.com
pixel-sync.sitescout.com
pixel.quantserve.com
platform.twitter.com
px.ads.linkedin.com
s.ad.smaato.net
s.znctrack.net
s0.2mdn.net
s7.addthis.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
sync.mathtag.com
sync.teads.tv
syndication.twitter.com
tpc.googlesyndication.com
um.simpli.fi
unpkg.com
upload.wikimedia.org
us-u.openx.net
v1.addthisedge.com
web.facebook.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
z.cdn.umh.ua
z.moatads.com
exchange.informer.ua
googleads.g.doubleclick.net
s7.addthis.com
web.facebook.com
104.111.242.245
104.244.42.136
104.75.88.126
142.250.181.226
142.250.186.34
146.0.227.109
146.59.30.104
159.122.14.34
167.71.9.19
185.180.220.208
185.180.223.221
185.187.81.40
185.29.132.245
185.33.220.243
185.86.139.94
190.2.151.10
193.239.68.97
193.239.71.100
193.29.200.142
193.29.200.162
216.52.2.19
23.35.236.247
2600:9000:224a:9600:1b:5138:8a40:93a1
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:234:59:254c:406:2366:268c
2606:4700::6810:5614
2606:4700::6810:7daf
2606:4700::6811:180e
2606:4700::6812:acf
2620:0:862:ed1a::2:b
2620:116:800d:21:5a23:9c4e:e774:96c1
2620:1ec:21::14
2a00:1450:4001:800::2004
2a00:1450:4001:802::2001
2a00:1450:4001:802::2002
2a00:1450:4001:808::2002
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2006
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2001
2a00:1450:4001:812::200e
2a00:1450:4001:827::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200a
2a00:1450:400c:c00::9d
2a02:fa8:8806:20::2010
2a03:2880:f01c:20e:face:b00c:0:2
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a03:90c0:41:2801::254
3.123.159.46
35.190.0.66
35.244.159.8
37.157.2.236
51.38.120.206
52.18.132.62
54.37.238.28
66.155.71.25
78.159.118.240
91.198.36.26
91.198.36.35
92.122.146.218
93.184.220.70
01dce02aff976143448860a408737e78411b9e778b298941cc2aae3e002da0db
02c30a2f8ab99e50290330ce2b9c3b7df9bcabbbd0f65442d2f929cb2fec3162
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0692722b63624ad9ff6c955228db259553745a12cea1ad597143c20ba5ec8c8c
081ae9baaacc857c1c2cb51de6dbd0e1eb811c2761ef01a50df373f2f6eefe22
0838aea55339bff6c16beb8916926a5f20f6e8f90e46aeeddfabf07883505398
085583262fc989309eef660f40bfcd1725cc57edb8cad2c03e95382ce3e0b50f
091105bb0811a882fd4f7fedb9e8dcf8a8fd0358106f000d7dd74cd1626dabe5
09189199be93439c613190e75224b268784cf154b7ba7409fd7a73babc9326da
0a0610548e89956b26496552978f70638cbbba6f7d3fc204e137457a52d53f8d
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bee576c385b6ae91fea4aa46c1ee5fe03d1040f22a418d66d91595a94abdc5b
0c98dfbf6932f27e0101df91561c8e1fd63a5ad8d09bbd809f36dd4f72acf4db
0cf67a88e4158309a7aec1613a776c80db3dc47769b1865ba427078bae937819
0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f
0f848a290f961c843ef03cef1a88a70ed80158cae34a5ae44bd1c58d33fb9506
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11542660b138264fff792c93512ab36d96eed0b9d9c511609746064ab1310567
127971f0d7e0ac5bc266c81c7a858e1ecf84e318238f2d36d2aec12dc6b6d211
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
151ca0dbdad0610cbb5b206a106dd32b5a5915325c96ec690652e0e47abf8465
159c24eb0b9d044c0507e36e693d0ff23bbb990ae90523cc25f3683253ee43d6
15f309eaf246ab052ecf0cd7552fdad6220b26bdf73f32ac776ccd928b2df9b4
179bd260b04d747143d18832fb926561c74c62c655e85b61f962a9082ab9d57e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b08bb511bf3964f8d4de0fae228cbffba0c4f34c7cad68173ab6872c71893f2
1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310
1dd99df74c4660bbb4e5ce3f58670937863174b0197255465d79d35c3a0d1f05
1e2cdd35adb8491f57706ce297423b9bc436b9aabce0b35956c377847a0a17d2
1e99d1e6fe74443f70e6b1bb68cca578728ec9d7669c2ee3ecaef8239f6eb956
1f7c5b9fc7520d2735786380c08033a9d450b27ef40c0f660f03b615aecb2293
22da82d1cbd97e36fa29018fc8a8669d238cd378094f1217814ddcf51f85ced3
23cf8643e60f9e01b1bcf914c323f3861466997045f8aee8ea1c737f6fb5a21b
2514e6ad25375d07aaabcbe7e217c3c183992a9e622dc7e18c9a7f81a3b08c5a
254f33bb44c46523cce6e349f8ea4ec60151ca4337024b647502da496df48b9c
27d221be42096f476245524ecaef8d76d838d5189b16417c79a03ad23763b41f
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
29fe3cd2fb1834378598ba35b53a285bad18cd9d1d1a950f49efc8004629a99d
2b37b00f9400fedda05e3feb73c40b2a19af5fbd2d2d327c39e9476cff3dd9c8
2b6a43906e4f8419ea323898ce801894bcbee8a48e30b50d6fe232398c48ffe3
2b75c0d4b0cfce1862e1151e7f828a9be270c3f688727b3fcd7bd7cfc13a1652
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
301898d6bce363fd706de16a2d915e0382fc1a60d07b91d0ffd0609dd90b78a4
314349e78d72853d2c7b322d616e9a29b53957cf702ddc99766495fbb258d31d
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33d18e9820655d5e3df0d86a3e28b961f3767db98d06d2388b1d6ce19cb92c3f
3595d6fbb67329feef0aa259d40cf7dc3787ff1183b9b01f2535cf985bb2440a
35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830
35ef325738aec617e593976f23534b7d5b159f4642f24bc7c1bbbb40a7dc181f
35fd8976c95449e2fab9b80964acb6fbe8dd31c5989ad6b57a50e0a33065f4a1
363832ce22d752de90a8074c063a729895ac3cf4c5650e1a5b82cfe2f5ee7674
389090922185d81fe757eb0e033fccb17583e98a7dc5b9900a1dbd7bb49aafa5
38cd795f2bfd4a2fb71248087f1378784a2499c9d73ff01d3d00d5a9ee8609c2
39473f41f6492001648e93d50aa18f14ae5e917cd9c93da48ec2dd50ca1f364b
3c2a2c527bcc789a360074edf27036757d7b6171678e49c0e8c7abb752787b2c
3cd114987bdc53fc937585b252e87ddd11b9b689cb2196483bff2fd0bfb6f7c6
3d0e0688bce02c69ba6b90992587f7b07a480ce525b34b1ff3a3206688cb9e5b
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
42bd99c9d9c85bebd6419be0bc7cab4bbdd98f3743d9c0bf7e3e62cd627cb581
47dd690f8f315bea076e92581a7e7147443bb4c847e313ab5a7d50a8c44836d0
491dd755fbd781902dba76933115fce6ed5850fea6b03c4dc46f66e5054010ac
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
4a45f75b15fcf4b0ffc9fe540be634207f8c368deec6769e6a6be43900b706ea
4a64c3f8968235caf4367a733443be4ab6274fd32383d31bf96f607d1f87153a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f980628109c4616e0c245be9b45aa44233f40ca4f396a58a9e298cf51744e43
4fce02aef5542a40509dce7f66aec864d7a2a070ac671b06ed235cbcd4743821
5012b288372c78879828e7e91d43af58b9da264ef5311dae959ed73818c3d9ae
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5083460fd3a067ce014eb6de7fd19dce63a82c4a3c1a70b7a53509980f3f6a1a
512f1cfb5394f75c7f0f2a63a501eb1b46352902ee62ef360de6411026b6eff3
51ef3f0d3aa0c792d07079a705896f28d5ed2cda748c154e3a9a1d41b7502209
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
5421bf15e6603b94900b8e41b46fd154c06da862a65d40feb989fd5f3caab699
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59b7f3bff218252c356e1b38ae9289a63b4f16a2d8196ea2222e0418b90cfdd6
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5fb44f5faa5569cf002f97433c48ff5f53a0c6a181d3f67858c93a8379dbde0d
60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
6229426dc56696a83cf13fb494d69bb4f7d6c7a53c425d37a90fe09b0a5ffb32
6427934c2fee6637679ce5ec5b21bef778502d9a349d9739fefe3b8985a116b4
6561492582bbe081089adbfde7ec550328e05831d4e6966411e87efb3b6a9dc3
66336f7f92959c90b96bb60b1c09415cccc7923e52a41ee9fe23a5aa98397d8d
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51
6b0b941d729d1bb18820db89fd07d08a7aebd494158cd0c1d90bd9482ff9d0e9
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6baee24e70d3b8e5985ce7a3c4fb4a618bfde6b50b1647a07fee3bac86fb5530
6ca8fddb17d96df80923b284c7e07888f947eb3dd03974cd31e85f4d5e9dc6dc
6d7dd97b1b8f9a6dd66cc9025d3b6603d371173712d103fa273e20a3013a5370
6d966cd8b2db93140df1f54fc5a1fa2c4149206fe74ecb8dd6fc9e42c9c28a3e
71f7b22f7b615b6a6cb2240ba7516fb2e83d2028607d5983fd64d1b755fd11f5
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a
742106aba0be6db1086baa20c675ca18298baf0eecf4f0ad7a99111be6796446
7683702fa7b021af2839f5ed4c2c009956332805b0c4e2c054346993fa2ec07b
790bbddbc6772d94890e12c60ae68ca3985faae758e457c95b52b323920d1ab1
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7a5e4d00ad7195951f911b10a551554eb79df464ac5799596c0176c2a07f7d9e
7b574c739c5edd85bd87bbf5cdd11d836a3cd763d6cdc73bfdd0062ba96eea0a
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7c646a843a8583d1d4d9176fe620e91e24851aed73600a2ee131d481a165935d
7d41cc80678502aaf3181f2f00f46553773fc0da93ab9290f2da2ae64720f1f7
7d6f723401d9bff849050ca1dcf1078c770a7e49a7491d5e3eadcff562a9d6d6
7ee90132b9d717786fa4eed463178d308827d1b34a81972ac3e23bbfcdccd5da
805e420bdc460b47e17b2003cdd0a02740a17c10e5e70213e01fc6bdf96d1566
8154aa9057e3367d9d3e4bb1f85db9645c01fc0690091aadc57dbae849ba3499
81713b18ac491dd7127d6de73f65f1e2bd032f53e0c51a2f7eaa86719fdf1492
81c16a14b27fb0948e972b9682082c117b8515e30b7edc8144334e523ba41770
83256161be4addb3aefe369a31de46f42def521d423ab1b344883d49c2bd1953
8438fcae135714383f2e8b95e9a173d7dae352e433c16c07ab158e6c88c489d0
8460aaf36b73e229c6b0fcaf7bac791e23c3145e87de6a04d0d91541e39289b6
84e2334be16bb9089e778602d19cbb11ad857ece94cfd7e18d1fd76792e88f5b
8542b7f6a83905880abe2bd34c191aaa1e06459cde1b5deaca20cb0f8d4ec679
86b67e98ae1805a0fa348e3e1d118a7b6661d66a6fd88609e8c7f59562a986a3
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2
8a53b43c2db6958709beba3422c26397024b82297c3dcafde869862887a5f1d1
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b36b4daa26a130a8893c0ade843e3542251b7704af84b4504633ed52963fb2a
8c39ce2883aad8a36c4194dc053127b29efa1677cc12db45e805760c5d9f14d1
8e2127b461c250d955b16c153856303a62fd79f5bbf874cff3491ea56b9a948a
8f8971058530863cdfbe3d156d8d5c6f7a6a42d5884f4e82cde8e3692b91e535
8fc4de112cb05f02f61d7856ee3b9ca6a8cd68ea5397520120c5183b99bffc17
90b0b4ee3790f67389fd0da7a5454e18ca3b8b8de0733e83fa6ab9f00ddb99c8
91ebc784c46488c46d8dfb7bdfd8b2908f369ffcac5c51dfb411d539720a52c3
928c814bc3528a780ef25713f15d7e8d4a865bea41e6511c1670c87cbbbdceaf
970fbd8d452e775c85db197dcced9843fa8c27850c0d29a36e3d7d4cb82497ac
97994466e114351598443f672961354e84dd21bffdfee1565bfec280a88dc80e
9a031ef206c3bca940371d11e5aee1f865b67b777edb3820e23b88b10b6b775a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d97f7a4b2edbb8f6a045125a686b58f5990f700c1a7aeabc8a90ec8bd3ba022
9ddc95507676c16045fd509f101f5dfe5e57b1c28a5b55cebe9b857deb7f7d49
9fc62d99ca580e914d7af298fd36b6926ba2b1e6c97ab21be0f9022f9c665816
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a05fdfb3e658a59c3b08dc4d5787cf76826988866a1be0bac3710c7753640d1f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a217030796bef33135123061e7dc7f9b8b13ec065a59baffc6e609c1c8a1bdc8
a37d848620d81a5fd27dff6e15af34f37fd05384f7d5337053c98efd0fe5a7d7
a4117e569a95c360fea94a335983c9f400881f69a6819dc2d2c0a22386145365
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b4ea436abf417bf0da46268d4e33a57f7b3377dfc474bb77b0b6296a027565
a4ec23f627568cedd2389d195103767bc8abe6b78c1cc262e54c59492d14e834
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9aa80adf0c2356b9e6841f3320b6dc3a102ed9de62ddd42a04f05ec467c9622
a9c66fdf1ceba24566394390e94faa182b2c23ab4c2df2faf2fdda296b4f4457
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1d76224d2d919a0d3e8950b5f754d60d84cb73037a463cdf0d61a52853757f6
b1eaea9c6437b097c1546e8cfbdcd1d10098170ea999bb9ad7b865ddf34baed2
b537ec724f66678291307a6f2d51e2e348519ef28a2f92468dd6dff0eb9481c4
b5737b0c371611ffbda25040aefb4a72202b3f4f4223da5802f9841823f125ec
b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61
b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce
bbd11d287d579b875f5ba1e88c62f56834dd8d925d7776fdc4eb201cf9aa5192
bbdb0a6b1bb666b306003d75635d4d331c9909ca6bd12aac1d52bb6893941780
bd62fd631f2f388a0ffb74ec23e67f2baf8816e8a9bc2df95ebad6f63a575b9c
bdb60be78f00d5a6a47e8f392b929dac4a19864748dad3df291c2308856415aa
be6613dda2ca59c3d2725ef7c7205cf0141adf31c0a0ae159328f951b7ab247e
bead87b2c8ee8424cda8e6d4dec906754c8b4c9860f9e8a84d4c62c3ba288ee2
c19222d9407900ab1e447dff7f37b680a5fa2b38fb476023fd683de540fee64c
c24f37ff564a8fad4604b9fb74aac57958b6f0e3ae724595e726cdfbfdee11d7
c6519ce17427524115e58b3bf121a724b092637c77189bfc098c4af89f61fb99
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c8ac371ada16579ff27732791cc246a77d09c9084c27259a5ecb1eea46ffdf74
c8d6ca635cba876adb55c42d7f46fc96ae1afb1a64b7215cde9498a06018d6a4
c9779c7b61fbc1dd54800b971b134f4370c625e0e47f6d4360245bec3e89696a
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
c9bd07079b3ee7453f21b0c25d9a343849a22adb127982812f97064bdf9b97a4
c9c616de646e94b9adea60ef1e8ffe5246f82b82baa1e039b1b6007067791773
cd2056d3c5a5f9a087647154dc26dbed362a61b733a6cbc8d9e5330b4f4d4284
ced5cf6d29aec450e15a5a1a4d6a6fb7895b6c8e42c746343cd1fef77f5d24bf
cf7340f306764340d26c6589a92e2f08da87f0a5a07c986b0b310e466fcd8bea
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d0f1e4e77e17ce26fbc4740970cb36bf9c1448242bbed6725897c804ad099416
d2346fe1cea9d7410de2a0782a44ac91c3f838c4ab5a1d48cfc37addd77d5635
d342be7b065b36dd1e6856bcf5a432b5d2c277d27555391ddefbf1df3edb0fc4
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
d54ac0208d59cd7d261f9ad3c02558ad7cdad6785a35514e25e872d055d28ec2
d64eec5a40430a3540d6e7730ed54a0e656d2c6bce22ef605eb55598497acd8b
da280991c552627b879229b0fba6bc25a355f2065399a8865938626af1a05913
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109
db3ce8768c4e10435d706169fbf1c5d3ed4703f01fd5d428abf2a4eb87a2e734
dbd30986b6727d3c7e30d14d2cb4e23ef7c42348cd418f5891a1bd778b89df46
dc76f575703a2872a96148470cc3a04811b52167eb5c2283b9c8d145ac0b3211
de3e7fcab25d8103d31dea640867362bed737df932100d794426c96b03c4ac3d
e160069c6ad90b0add3720d36f0529793459fb0d966aa4d76959c090e7c5179e
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e2f6aa26135e6be510a5c65a2d9df4205090aeef4756766026e1b389969fe2c7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c4a4057f02182efe3e8959561124f215a4a8e50e03257b71d550cbf74ecc4f
e3f74fa7aec1b48cc29ab95fcdd73b2cb600b1cfd5ffbf167c99547e2d60eddc
e70792957a2d6b9fe4f3b638d557b304e23215b8031d9e14e2f61be37f008399
e8a48a1544e4335f3b2a0828302cf8060a576ea0e724c26af257fbfebc5c4f51
e9caa3698b58479a78692e6303c5353d891066dc64fd2f4a34e14b2882fdb69b
eb7922e29fd9bbbb9e385c952731a93f50b0ba8d472cd16e65f66d18cf08ba4f
ec8667141421f91c2fa4c5867e4461b83a992afcffd6efc69b69293145668cfc
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2
ee2e0ab859a2b8ef9ff5b618be9e1bf0536f17fad6628085b07e2698dfbf070b
ee5416b91df2826739bc6fcd6107439a854672768c5bff64b959c1ed9aff11de
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0fe0dabaf5e69e88b98234e97cdd6b5dd26560b787c051167a3e9eddfbc284c
f34383f0293f28938c6b08943c19efb698457b0564e92ef2e19ee96dc6b691ea
f3aa6b021bc45554639438646953173347b1d881478b50ca862d5d7700088a60
f41e6fb98e691f251a7c4942ac3eee706dd8bcdd33e03047c27e67591a382fc7
f61ce0d0d062c15912a8fd7067d050eb058a4947d7d516ffa6efc31fd32ea731
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f80cadfcbd017e3bf204f6a7bf2d73ee7ab48f1756b833dba5f1fcf0b3fd35db
fac0e13bfe90135764a88b128aeba6907c4eb0bfba06d573329e13ca95e3d801
fc1cee21376da3a4fdf8f62d3bb1d46c80c763d447da7e7c07112f45eee09d3f
fce742d7814055a224b9e7b2a36bccfba4547644a968e838bf0b9d2f730866dc
fd543b21d162ee922201fe54b79778548f8102ea91376960e856c069a135cb76
fe5f400fda141524f7440048ef4643dbd06fffce0ab780b64495c708411dd0b8
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
ff564a4b779efa8e5278c47aa31db9d552084e4b37cca70d0470e39e0d6f4f11

kolobok.ua Open in urlscan Pro 193.29.200.162 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

329 Requests

91 %HTTPS

46 %IPv6

58 Domains

79 Subdomains

54 IPs

12 Countries

5583 kBTransfer

11683 kBSize

79 Cookies

3 Outgoing links

Page URL History

Redirected requests

329 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

kolobok.ua Open in urlscan Pro
193.29.200.162 Public Scan

Screenshot
Live screenshot

Full Image

329
Requests

91 %
HTTPS

46 %
IPv6

58
Domains

79
Subdomains

54
IPs

12
Countries

5583 kB
Transfer

11683 kB
Size

79
Cookies

329 HTTP transactions
15 data transactions