sud.ua Open in urlscan Pro
2606:4700:20::681a:ec4 Public Scan

URL: https://www.facebook.com/sudgazeta/

URL: https://twitter.com/sud_gazeta

URL: https://www.youtube.com/channel/UC5R89CNV6EE9ruwuEFRcOcw

URL: https://www.instagram.com/sud_ua/

URL: https://plus.google.com/109465346485446350920
Title: Google+

URL: http://argentum.ua/
Title: Argentum IT Lab

URL: https://a4p.adpartner.pro/click/6480/2713917/00a4b273-8243-4a28-8680-049e90cffa63?data=eyJjcmVhdGVkX2F0IjoxNjU0MzE1MTgyLCJzaG93X2lkIjoiMDBhNGIyNzMtODI0My00YTI4LTg2ODAtMDQ5ZTkwY2ZmYTYzIiwiYWRfdW5pdF9pZCI6NjQ4MCwicnVsZV9pZCI6MCwiYWRfaWQiOjI3MTM5MTcsImRhdGFfc291cmNlIjoiYXBwLW1lZGlhLXBsLTIwOnRpemVyX2FkIiwicGxhdGZvcm1faWQiOjEsIm9zX2lkIjo1LCJicm93c2VyX2lkIjoxLCJjdXN0b21lcl9pZCI6IjBiZTQ0M2Q2LTkyMjMtNDJhMS04NmQ1LTA0MTI4ODAxN2Y2ZCIsInJlZ2lvbl9pZCI6MTEyLCJzdWJfcmVnaW9uX2lkIjowLCJjaXR5X2lkIjowLCJpc19yZWZyZXNoIjpmYWxzZX0=&hash=34b6db5fa8c3ac416528f63778ef87c3
Title: Пляжные снимки горячих красоток. Им есть, что показать в купальнике, они и показали.Им есть, что показать в купальнике, они и показали.подробнее

URL: https://a4p.adpartner.pro/click/6480/2713973/ee1fdd2e-aac3-451c-a344-decd905df511?data=eyJjcmVhdGVkX2F0IjoxNjU0MzE1MTgyLCJzaG93X2lkIjoiZWUxZmRkMmUtYWFjMy00NTFjLWEzNDQtZGVjZDkwNWRmNTExIiwiYWRfdW5pdF9pZCI6NjQ4MCwicnVsZV9pZCI6MCwiYWRfaWQiOjI3MTM5NzMsImRhdGFfc291cmNlIjoiYXBwLW1lZGlhLXBsLTIwOnRpemVyX2FkIiwicGxhdGZvcm1faWQiOjEsIm9zX2lkIjo1LCJicm93c2VyX2lkIjoxLCJjdXN0b21lcl9pZCI6IjBiZTQ0M2Q2LTkyMjMtNDJhMS04NmQ1LTA0MTI4ODAxN2Y2ZCIsInJlZ2lvbl9pZCI6MTEyLCJzdWJfcmVnaW9uX2lkIjowLCJjaXR5X2lkIjowLCJpc19yZWZyZXNoIjpmYWxzZX0=&hash=af524fb6210f66ebd7b46d69aca27be2
Title: Фабрика нацистских жен в Германии. В 30-е годы было принято воспитывать жен под себя.В 30-е годы было принято воспитывать жен под себя.подробнее

URL: http://www.bigmir.net/

server-108-157-4-87.dus51.r.cloudfront.net

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sud.ua/ HTTP 301
https://sud.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 87

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//sud.ua/;0.9094422161927818 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//sud.ua/;0.9094422161927818

Request Chain 95

https://c.bigmir.net/?v16953431&s16954880&t3&c1&n199687&w0&y0&d24&r1600 HTTP 302
https://i.bigmir.net/cnt/03.png

Request Chain 132

https://go.rcvlink.com/mtch/31/0be443d6-9223-42a1-86d5-041288017f6d HTTP 302
https://a4p.adpartner.pro/ssp/match?dsp_id=13&user_id=70050046177

Request Chain 134

https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=a21fd4c5-e276-529b-b783-3198d519e937

Request Chain 135

https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=a21fd4c5-e276-529b-b783-3198d519e937

Request Chain 136

https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D63%26user_id%3D%24%7BUUID%7D HTTP 301
https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=d3f7d5a4-3a33-4cd6-7251-e77ce96ced38

Request Chain 137

https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D64%26user_id%3D%24%7BUUID%7D HTTP 301
https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=8ea9d856-206c-4a67-5a0f-6f35c1da7748

Request Chain 138

https://a4p.adpartner.pro/ssp/match?redirect=https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122&id={user_id} HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122

Request Chain 140

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 142

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 206

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 207

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOgA9Yjf6NEnXrSdjyrqqa8&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOgA9Yjf6NEnXrSdjyrqqa8&google_cver=1&C=1

Request Chain 208

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YprYsPjJuGM-cjYNKCUWfAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHmSSwtHBMz4_ikNxMS_KM4&google_cver=1

Request Chain 209

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEF9-HFsXt8mQfSSvogl13NU&google_cver=1

Request Chain 210

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQzNzM3NzA2MzIwMTc5OTE1OA%3D%3D

Request Chain 254

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DARnp8GCOh9iP24H27I3KpIKatNc_FPMmyet_CV0lrrr7A_vXzshQUt-ybXjG_zshcBhj8jjNuuD9_qmpfBSRbY1d5coJr-qj63c&google_gid=CAESEE9vqIq3w1JynGltAxrKGaQ&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXByWXNBQUFBTEJAVG40TA&google_push=ARnp8GCOh9iP24H27I3KpIKatNc_FPMmyet_CV0lrrr7A_vXzshQUt-ybXjG_zshcBhj8jjNuuD9_qmpfBSRbY1d5coJr-qj63c

Request Chain 255

https://id.rlcdn.com/466606.gif?cparams=google_push%3DARnp8GAoySyQuYU4OGewIVHiLOsbTkkPVBkujEuYH12RzdXezEuKyyEi0TlqOK6BHAKssK5GqRpem_LOODpRtbph8Gu-b6-4oiqG&google_gid=CAESEMraJNBw9mBSBe1YbgTNj6c&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCLCx65QGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BUm5wOEdBb3lTeVF1WVU0T0dld0lWSGlMT3NiVGtrUFZCa3VqRXVZSDEyUnpkWGV6RXVLeXlFaTBUbHFPSzZCSEFLc3NLNUdxUnBlbV9MT09EcFJ0YnBoOEd1LWI2LTRvaXFH HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwdGh5Y3RnYnliY0VZbUJ1MGtUbThzUms0VFJET05KWTM0aUI0SVdQTW5XUQ==&google_push

Request Chain 257

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEN87JF-i7RxEKNir-sQqI4Y&google_cver=1&google_push=ARnp8GAMf7_EUTzCAswMAdaRmQeUa4_nqKlntQ0_p6LKxkKBbVzCZizRiljZ3bB1xCfCCqC2q99qRmvBDd8-JnqgfTJeuSJGVTBh HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEN87JF-i7RxEKNir-sQqI4Y&google_cver=1&google_push=ARnp8GAMf7_EUTzCAswMAdaRmQeUa4_nqKlntQ0_p6LKxkKBbVzCZizRiljZ3bB1xCfCCqC2q99qRmvBDd8-JnqgfTJeuSJGVTBh&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yC2QUQknTvWVx1zjyxkJXw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GAMf7_EUTzCAswMAdaRmQeUa4_nqKlntQ0_p6LKxkKBbVzCZizRiljZ3bB1xCfCCqC2q99qRmvBDd8-JnqgfTJeuSJGVTBh

Request Chain 258

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJBahxQ3Io-WD0dAYOKLgas&google_cver=1&google_push=ARnp8GBUFxCwAfSdltpiZIUIiOMHmZNXkt33spNfQQfJoPg4_DbYyEHN4-PcNo_gmYSFfy7ekMUNL2lvbGu7llffHxHFOh3guIVD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNaQ0pQWjktMTktSEw4NA==&google_push=ARnp8GBUFxCwAfSdltpiZIUIiOMHmZNXkt33spNfQQfJoPg4_DbYyEHN4-PcNo_gmYSFfy7ekMUNL2lvbGu7llffHxHFOh3guIVD

Request Chain 259

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELd9frnbcSgn_wEbUKMSMbU&google_cver=1&google_push=ARnp8GCkHLbqdlYnT0DS7kU435e-6rW4Ahq8ip0SjSytb08yfsEOzJ1YK6QW723Qptip7HJtetKkJcjgVElZbzY3J7MUwA-esjU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YprYsB6HX67YucWFMfKdogAAAr0AAAIB&google_gid=CAESELd9frnbcSgn_wEbUKMSMbU&google_push=ARnp8GCkHLbqdlYnT0DS7kU435e-6rW4Ahq8ip0SjSytb08yfsEOzJ1YK6QW723Qptip7HJtetKkJcjgVElZbzY3J7MUwA-esjU&google_cver=1

Request Chain 265

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELgwecy1iKB4dnC7V-hP0ng&google_cver=1&google_push=ARnp8GBVkaBPTFJ5kdu41qQDemjcQlDcJhorC0D8oC_FYoSqNrDZ78S1Ubxy3Txw3mwsNZWOrM2LJhXExx69_0slDDGQN228D8ip HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELgwecy1iKB4dnC7V-hP0ng&google_cver=1&google_push=ARnp8GBVkaBPTFJ5kdu41qQDemjcQlDcJhorC0D8oC_FYoSqNrDZ78S1Ubxy3Txw3mwsNZWOrM2LJhXExx69_0slDDGQN228D8ip&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sPueI8hZTfKEKg5tXjXqUQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GBVkaBPTFJ5kdu41qQDemjcQlDcJhorC0D8oC_FYoSqNrDZ78S1Ubxy3Txw3mwsNZWOrM2LJhXExx69_0slDDGQN228D8ip

Request Chain 266

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFDx9oT5ujNA6pSC4OCmBjA&google_cver=1&google_push=ARnp8GD1Gk6App94L6mBw3iozjQxEQ7bJBCYiF1meQLRxD0EiQ9tAGrboE05xH4GSufTZAANYbgdlYmqB3dMyvV-6WsWi8nOY_aX HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNaQ0pQWkEtMVQtQ01XOQ==&google_push=ARnp8GD1Gk6App94L6mBw3iozjQxEQ7bJBCYiF1meQLRxD0EiQ9tAGrboE05xH4GSufTZAANYbgdlYmqB3dMyvV-6WsWi8nOY_aX

Request Chain 267

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDOePFJYJk1NvsxBfFiDhR8&google_cver=1&google_push=ARnp8GAy__ytYg0A0CRKRo7rd43xkwm1O5Tx2whGQDjZpovo_3AGi7rp7bJUqhCH4t8SbTJkLbfz8TFkswUNsmnaTITIzteC3Dyv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YprYsB6HX67YucWFMfKdogAAAr0AAAIB&google_cver=1&google_push=ARnp8GAy__ytYg0A0CRKRo7rd43xkwm1O5Tx2whGQDjZpovo_3AGi7rp7bJUqhCH4t8SbTJkLbfz8TFkswUNsmnaTITIzteC3Dyv&google_gid=CAESEDOePFJYJk1NvsxBfFiDhR8

Request Chain 273

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 280

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHmSSwtHBMz4_ikNxMS_KM4&google_cver=1

Request Chain 281

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YprYsPjJuGM-cjYNKCUWfAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHmSSwtHBMz4_ikNxMS_KM4&google_cver=1

Request Chain 282

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHxNJPdyYp6doeoLcm2ayJY&google_cver=1

Request Chain 283

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQzNzM3NzA2MzIwMTc5OTE1OA%3D%3D

Request Chain 286

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 291

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO0q4EJnHcRtQ5CdmAvU9eU&google_cver=1

Request Chain 293

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEKC6uWlvSqyFojePIWhmQjI&google_cver=1

Request Chain 311

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFcgr54LKQMtJBKaglrjAM8&google_cver=1&google_push=ARnp8GBp5i6ElXh_pfuZ1EsyBoX7oGodWHZ4ENxw-OBH8rIUGPD7AZ8xrzk9ArIb0UIHyebW0i-DB1oM1AZaBY9NF1uCKUie2Q HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GBp5i6ElXh_pfuZ1EsyBoX7oGodWHZ4ENxw-OBH8rIUGPD7AZ8xrzk9ArIb0UIHyebW0i-DB1oM1AZaBY9NF1uCKUie2Q&google_hm=bZKSpCIDsmq9QuSWc7mJpg

Request Chain 312

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DARnp8GCu98SzkCXq23k41lBC14mjThnmhjoeXXRWOpmUX10F3kAx8N7x4_-GvGFWJhU9y4ruZ5b_yOu-Nvwrqrm_bP7sJ7eKAL0&google_gid=CAESECHuLUyDpNzfxzM_Yqt9vCI&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXByWXNBQUFCUjVMYW5sZA&google_push=ARnp8GCu98SzkCXq23k41lBC14mjThnmhjoeXXRWOpmUX10F3kAx8N7x4_-GvGFWJhU9y4ruZ5b_yOu-Nvwrqrm_bP7sJ7eKAL0

Request Chain 315

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHwwO6VIwZ4ih1JdhS7DuMU&google_cver=1&google_push=ARnp8GDCGCsgOBdPM9Pb2_2HDS1g2M1uM0u45OA_iHwvl_R-4PB3b2Hws04euhD-pNk5ualwrjt4ONn_ceEMWBpAfGsFkhj6vpw HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHwwO6VIwZ4ih1JdhS7DuMU&google_cver=1&google_push=ARnp8GDCGCsgOBdPM9Pb2_2HDS1g2M1uM0u45OA_iHwvl_R-4PB3b2Hws04euhD-pNk5ualwrjt4ONn_ceEMWBpAfGsFkhj6vpw&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WR5Bp99rRf6YPATYcQrEig%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GDCGCsgOBdPM9Pb2_2HDS1g2M1uM0u45OA_iHwvl_R-4PB3b2Hws04euhD-pNk5ualwrjt4ONn_ceEMWBpAfGsFkhj6vpw

Request Chain 316

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFYgX40I-661zvN8dYCH6a0&google_cver=1&google_push=ARnp8GBTdrAlqIGNXSyRqjkc0sqfm28twzHEnXZjwPlJSSDi9spH1Jla_JMi-IP8pxxfXP1fBsCGkwJ6xgu1s4sRkQCJC-pJavw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNaQ0pRNVQtMTctSkhPSg==&google_push=ARnp8GBTdrAlqIGNXSyRqjkc0sqfm28twzHEnXZjwPlJSSDi9spH1Jla_JMi-IP8pxxfXP1fBsCGkwJ6xgu1s4sRkQCJC-pJavw

Request Chain 317

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOQ1_NxmE09FXOW_hnHPzlg&google_cver=1&google_push=ARnp8GCVbFL3gzGF497QS-x7ICwGal8lvbzNRMnuuealdYmsYmFX1x7RiZFpUfxf1141wcC4KjM3Z-yAVwGGk6_KywPxsHjLx08 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YprYsPjJuGM_cjYNKCUWfAAAAqYAAAIB&google_gid=CAESEOQ1_NxmE09FXOW_hnHPzlg&google_cver=1&google_push=ARnp8GCVbFL3gzGF497QS-x7ICwGal8lvbzNRMnuuealdYmsYmFX1x7RiZFpUfxf1141wcC4KjM3Z-yAVwGGk6_KywPxsHjLx08

Request Chain 324

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGOSd4DwO5RXkY8jpXut47s&google_cver=1&google_push=ARnp8GAFFYiUHGfxyZfOZCOpEJ9__0dQIxS76qqGhvcmiwf-eu02sq7kYbfhPBELbuFGvPB2JPCcwRSYkK5Yd11HwIcOf9NMorHJ HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GAFFYiUHGfxyZfOZCOpEJ9__0dQIxS76qqGhvcmiwf-eu02sq7kYbfhPBELbuFGvPB2JPCcwRSYkK5Yd11HwIcOf9NMorHJ&google_hm=bZKSpCIDsmq9QuSWc7mJpg

Request Chain 327

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIt1YtWFJy2nwcBsT9Jtgr4&google_cver=1&google_push=ARnp8GBHrA0Jmns4mU1UTrpXKyRXv68xhvQ0kOEIaBnljt_irOB-awWAcAq8aG81nReKdUX2WYapa1yor20oM1YbJEtRl2ZEj3NY HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIt1YtWFJy2nwcBsT9Jtgr4&google_cver=1&google_push=ARnp8GBHrA0Jmns4mU1UTrpXKyRXv68xhvQ0kOEIaBnljt_irOB-awWAcAq8aG81nReKdUX2WYapa1yor20oM1YbJEtRl2ZEj3NY&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IX3N7wYLQ6SFWK1lU2AT-Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GBHrA0Jmns4mU1UTrpXKyRXv68xhvQ0kOEIaBnljt_irOB-awWAcAq8aG81nReKdUX2WYapa1yor20oM1YbJEtRl2ZEj3NY

Request Chain 328

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEF3ZYSrcefcNhcbv4PitQZQ&google_cver=1&google_push=ARnp8GATRelj1LAHJm7XGtzKQzz-W9Lbg2puKhNhhf99Fe_dGRIyjcjY5DZmzSY0Uod4SMbC5U2t3VUUQCUECzYiykRyvF37MWza HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNaQ0pRN0MtMjUtMUxMRw==&google_push=ARnp8GATRelj1LAHJm7XGtzKQzz-W9Lbg2puKhNhhf99Fe_dGRIyjcjY5DZmzSY0Uod4SMbC5U2t3VUUQCUECzYiykRyvF37MWza

Request Chain 329

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAdRORfSKabCIRyiZRupT_U&google_cver=1&google_push=ARnp8GASlsJi8uRM2eZllZGMT9vUZ_Qq2_oRGHNd1S3BvJvqHoSvwB7EGzdXM-tHZAkmFqdQykijDoQS9Gx1Q4emxZuZiejq858 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YprYsPjJuGM_cjYNKCUWfAAAAqYAAAIB&google_cver=1&google_push=ARnp8GASlsJi8uRM2eZllZGMT9vUZ_Qq2_oRGHNd1S3BvJvqHoSvwB7EGzdXM-tHZAkmFqdQykijDoQS9Gx1Q4emxZuZiejq858&google_gid=CAESEAdRORfSKabCIRyiZRupT_U

Request Chain 384

https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=195181397643045&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3b1b720693f17c%26domain%3Dsud.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fsud.ua%252Ff4d05261dc282%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fsudgazeta%2F&locale=ru_RU&sdk=joey&show_facepile=true&small_header=false HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D195181397643045%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3b1b720693f17c%2526domain%253Dsud.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fsud.ua%25252Ff4d05261dc282%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fsudgazeta%252F%26locale%3Dru_RU%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse

384 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
sud.ua/
Redirect Chain

http://sud.ua/
https://sud.ua/

115 KB
23 KB

1555ms
1413ms

Document
text/html

2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc635e5bbc8677d89afd1f9afc8e101321e2725aaa1c3697af19472bd47eca15

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: max-age=300, public, s-maxage=300
cf-cache-status: DYNAMIC
cf-ray: 715dc1d7fc0583af-MXP
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 04 Jun 2022 03:59:42 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QWuHX3ynas3V9m712swh4ohMx3nFTOkdwZqECsfxvlXFHYnvZbC61w1CAin2ki0L8BL1p17InW2cjfBdjFNxMGfGP2mT27TBGdubXNZgXKZSOyhh%2FTwLXYjT18iAuy1X9bfx%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

CF-RAY: 715dc1d69aa83758-MXP
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sat, 04 Jun 2022 03:59:40 GMT
Expires: Sat, 04 Jun 2022 04:59:40 GMT
Location: https://sud.ua/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y6PgJc81VzPQwm1%2F1%2BLGsCh72SdeyuPII42%2FB6Odest1a8txbVBJMCWGwKsSYG2PLKRFgcEV%2F2EOmy4OacRhAGN9tdp4pLxZIgGi6jxMtAt62qX%2FyjWYU6xD%2F0ZyDrtFEhq4Ig%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 sud.css
sud.ua/css/ 39 KB
8 KB 70ms
69ms Stylesheet
text/css 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/css/sud.css?v=3
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 579b36d7bbe4c611dfabcb5176890c30baff7ac6120862b554171a427ceab674

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5558
cf-polished: origSize=54139
last-modified: Wed, 14 Apr 2021 08:38:20 GMT
server: cloudflare
etag: W/"6076a9fc-d37b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lkuv7wML5fuXBu3RY0U73hdUh%2BX%2BVeDFcZ4K%2BaT3Encd6yp1%2BzxYGen%2BfuFeebMJgCXU5w1Xg%2FANFs5xr2XSldfPYLnCC5tnoIpUMp9ZvGtv8GK56x92GPcBcsGlJ2qwRsmhGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 715dc1e0dde783af-MXP
cf-bgj: minify

GET
H2 200 superfish.css
sud.ua/css/ 310 B
497 B 135ms
133ms Stylesheet
text/css 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/css/superfish.css
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9ccdf471cfc392fc8f0cee332bab9174a958b301d54792a344e9d922fecb49e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5558
cf-polished: origSize=419
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: cloudflare
etag: W/"5ba0ee53-1a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IUD3YEV9%2Fi5cjR1ca3gH0B%2BpostPvp59%2Fmn8qRtPJ1oer1Ohcs4AZxKC9x%2BFTzwf9Aw6ovosQgyVAaTl27CGr50lACMMs%2Bn3qYvfPYk%2FwwUnQ4%2BrSmL41Oc%2Fwzxih1dXclUNuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 715dc1e0ddeb83af-MXP
cf-bgj: minify

GET
H2 200 jquery-ui.min.css
sud.ua/js/jquery-ui/ 22 KB
5 KB 76ms
72ms Stylesheet
text/css 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/jquery-ui/jquery-ui.min.css
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd51ccb5a721fa2dee14495f4a2304aa493ee0e1b9e8cdccd5c71681f8679d33

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: cloudflare
age: 5558
etag: W/"5ba0ee53-595a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BzNiHYiHcHBJCfdhb7BfCol7w681zpZ%2BgkRhxn2oQnUTzLuBB0uzE7ORkq0%2BlkB4IyLEVaKlyKJ2prPi3D4faJ9eOxnpv42qYCP5gbL9pVlOU9O%2FqdX17LFmeH%2Bf6l8K0rlciw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 715dc1e0ddee83af-MXP

GET
H2 200 jquery-ui.theme.min.css
sud.ua/js/jquery-ui/ 13 KB
3 KB 134ms
131ms Stylesheet
text/css 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/jquery-ui/jquery-ui.theme.min.css
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 260315e4555f49b1337ec2b809c44d6910e10205c65e5141bad381805d2ba826

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: cloudflare
age: 5558
etag: W/"5ba0ee53-351f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H0me%2FtsoAi49QWC9UaMkaumjhpzr8V4k2OYn30vO0vKbJqg34f2ofAouaFiDtYeJ1%2FD2nhnr8frhv35Ml5KecFCYBqYcUUAo6YBCDL2tqUzW15Z9CZJzLJ1I3pqegsXbq91vYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 715dc1e0ddf083af-MXP

GET
H2 200 jquery.fancybox.css
sud.ua/js/fancybox/ 4 KB
1 KB 71ms
68ms Stylesheet
text/css 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/fancybox/jquery.fancybox.css
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30f8d462b525463127b626f5d9053ada2169ed3276e56ee97e55bda688047f17

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5558
cf-polished: origSize=4886
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: cloudflare
etag: W/"5ba0ee53-1316"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cTosjM2IigflS3lrEdO3DbZlnmx3DvohvsCKl2R4pKNP5f0e%2FpTUf6OI1mEGla%2FG8HD91BFz1tZa%2FLMyyAcv7ppKGaCJH9kVM4nZISxft6mjD2ebYCNu917pkoAd9nViK5ePsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 715dc1e0ddf383af-MXP
cf-bgj: minify

GET
H2 200 flexslider.css
sud.ua/js/flexslider/ 4 KB
1 KB 72ms
69ms Stylesheet
text/css 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/flexslider/flexslider.css
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d1d14f8191806ba0c7ad15cf563279f403ef9c0e388d930ef442f862b89f832

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5558
cf-polished: origSize=5988
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: cloudflare
etag: W/"5ba0ee53-1764"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BKfSCZeFCZ1eHy2m%2BPgIIePtg2vhKimw58waVMuudQSxAm%2BNp6oR0Qud6Ix2yipnqLvQXZO8H5vyzPubOTbjadZfEd8GPnMpkGhcZdMJb%2F6J8Xum0Ltq8I9nnVneWPH%2FFW%2B9vA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 715dc1e0ddf483af-MXP
cf-bgj: minify

GET
H2 200 jquery-1.11.0.min.js Show response
sud.ua/js/ 94 KB
34 KB 76ms
72ms Script
application/javascript 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/jquery-1.11.0.min.js
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: cloudflare
age: 5558
etag: W/"5ba0ee53-1787d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DPw1liUIi9lJQ9OvWOlRbdxNeC7nVUy%2FSvl%2Bc7eKW9JT0zbsBGr%2Bf1nrLOCvwdZVZipAQyfC5O38umNvdX8ZsnsfdMl%2FbXLBt8iVkSY5C4ip%2Bunl1iHpXFyUe6U%2FCWirT5qwJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 715dc1e0ddf583af-MXP

GET
H2 200 jquery.easing-1.3.pack.js Show response
sud.ua/js/ 3 KB
1 KB 71ms
68ms Script
application/javascript 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/jquery.easing-1.3.pack.js
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 774e90a51b4189c6ab5cb3badda2c67d60197f464e43333387651f982e6163bf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5558
cf-polished: origSize=6717
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: cloudflare
etag: W/"5ba0ee53-1a3d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QN7yTpsdcWqsV6AbzYW%2FN%2BuQriiTnCHqOg1lPC0HVrd5NlPyK9MCcsF3PaUBCqSpaiL3nMWeA%2B%2BAshnjSckbVcy03V8pWvtC0xHHp5DUkFYj0glY9RDJ3qmDULpB1IAbMhdLIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 715dc1e0ddf683af-MXP
cf-bgj: minify

GET
H2 200 respond.min.js Show response
sud.ua/js/ 4 KB
2 KB 73ms
70ms Script
application/javascript 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/respond.min.js
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1574a5440e7861871b0b812a856bcb638039e6fd6fe0e362d5193694730965ff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: cloudflare
age: 5558
etag: W/"5ba0ee53-fe5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P3mufaPlPF9yexbxrWe9HXMitCyq0w3pnANGrDPvA7xMvlp8TXeEI9bdiFt8COnHZie6BFxL7DLFtJWlK%2FNRcIcpr9MvsY1e67dU7DhK5jNZxlffQCrmNYZa01BCudJJkxG7cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 715dc1e0ddf783af-MXP

GET
H2 200 jquery.fancybox.pack.js Show response
sud.ua/js/fancybox/ 23 KB
9 KB 72ms
69ms Script
application/javascript 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/fancybox/jquery.fancybox.pack.js
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfac49bec33974b027f5e08c4a7e40a76dca5d3d855b5d260c6eb2e9bdd67e9e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5558
cf-polished: origSize=23135
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: cloudflare
etag: W/"5ba0ee53-5a5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CIKSlbgDkXnj8lMo0xmIG%2Fjmr8yXWoZj%2FiPQDQYFMMkAUPOorpmHFlHWuzrbxDL6FLzvuQMN31DN9dm2KcnJSpQHFwxw0RsQaAEtmTuQSnJ3n85MzoAjv9YaW73l0l6Wbf%2Bpsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 715dc1e0ddf883af-MXP
cf-bgj: minify

GET
H2 200 jquery.maskedinput.js Show response
sud.ua/js/ 6 KB
2 KB 136ms
133ms Script
application/javascript 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/jquery.maskedinput.js
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c70070dea8563cf48b07bd826618554ebb5cc1ea6332d024c4697e774c4ce44d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5558
cf-polished: origSize=10370
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: cloudflare
etag: W/"5ba0ee53-2882"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nVwzpxTFEhyXld07sw8oKLSs4Buy0RvTL9SVSvkalsErng%2F3X%2F5EWtGjVAmio6Xvz8SsoKYiTLi6S6CuLYCyGJKHnFDGMOKWtW7%2BK3SQpf%2FoqsO3JzLHkX6gh6LE495PcbfByQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 715dc1e13e5a83af-MXP
cf-bgj: minify

GET
H2 200 jquery.ui.datepicker.i18n.js Show response
sud.ua/js/jquery-ui/ 3 KB
1 KB 134ms
132ms Script
application/javascript 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/jquery-ui/jquery.ui.datepicker.i18n.js
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3aa8c6c10a50339012de17b71571c52f57ec364a7200a359629aa770e90d20b9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5558
cf-polished: origSize=3465
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: cloudflare
etag: W/"5ba0ee53-d89"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g8QjjY0pJ53UJzz8cfZYFSAk0LlouUQaetOJt2ozXyYMvz9sxUIToEhuZsjjjwDVyWrTxt371cutDUkHZqLtj1llgvf8l8%2Fmfwa%2FeGcGCcUcsa%2B3HSzyqkiEBZI4CE9CLIWZSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 715dc1e13e5b83af-MXP
cf-bgj: minify

GET
H2 200 jquery-ui.min.js Show response
sud.ua/js/jquery-ui/ 168 KB
47 KB 139ms
137ms Script
application/javascript 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/jquery-ui/jquery-ui.min.js
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6b29649695122285a0af27dd2ae18a932f869d963a2400ccb9eb330c6234436

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: cloudflare
age: 5558
etag: W/"5ba0ee53-2a0c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3cHhq0RURxYvnQfjRAjJVkw4mWSs1poLP5Ty4fTiAyqjlIJed2w4Wo%2FZreqBptrnOfHmbjBoSXgDGfKesfq3WblhIMKGaDDtdkRvijaR1BC5dlVa5s3BUYh8kyqDdEQ6x1YM3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 715dc1e13e5d83af-MXP

GET
H2 200 hoverIntent.js Show response
sud.ua/js/ 1 KB
853 B 133ms
131ms Script
application/javascript 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/hoverIntent.js
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e14601fa1c4a3153f7fa73764030fbd33852b5e1c7ff0955959f90803535c5fb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5558
cf-polished: origSize=4938
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: cloudflare
etag: W/"5ba0ee53-134a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQy4HGzdb9F2Y%2FKwG7%2F0Ta8kRHbO10CC8IFLztSTvtEBpXb6rbshzBhX8Jhgs0pePRMYNZmBNb1abaCq7OSAjh2kPnpWD%2BZbbcvIeiXBLxySL15cvQcbzehArWRzowbrd%2FkDjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 715dc1e13e5e83af-MXP
cf-bgj: minify

GET
H2 200 superfish.js Show response
sud.ua/js/ 5 KB
2 KB 137ms
135ms Script
application/javascript 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/superfish.js
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02b5791418bf48985439b12ded8a21a4aad3c257f8716c95f60d55f6fd1f6383

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5558
cf-polished: origSize=6975
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: cloudflare
etag: W/"5ba0ee53-1b3f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GbSbXQjC3oiZg61Hf9l3GkSZMOnKzkDb1XewphWuKG9j3OUlfz47EJnzbB9jBpd09N3xNVM0XqAVaDreu%2B9x6hHry7vvFYWaQe02%2BWlZ6ondFXKlWpj64NLhZ9hnYqRpDPpSYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 715dc1e13e6083af-MXP
cf-bgj: minify

GET
H2 200 jquery.flexslider-min.js Show response
sud.ua/js/flexslider/ 22 KB
7 KB 136ms
134ms Script
application/javascript 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/flexslider/jquery.flexslider-min.js
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ce94a80de9d146226e0967aacf51e37f92e18329815338af4de0aef3fc67705

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: cloudflare
age: 5558
etag: W/"5ba0ee53-5746"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dj0CXc0qyAhwCs4ZsFip2luA%2F%2Bag17teG2l40oDB4vQNtwCm%2FtOUCpNfv93ck2UFXRtoXRfCXPr62M03hNEM4y6Aj1w4W6L5GWLcTwrhI6a3GVe61ucc2njNJrPcwQvv6XswuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 715dc1e13e6383af-MXP

GET
H2 200 jquery.sticky.js Show response
sud.ua/js/ 6 KB
2 KB 135ms
133ms Script
application/javascript 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/jquery.sticky.js
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8853e8db8dbd87dbd0de8f513e1fe5bccd647932a7f3a36953fe041f460bf71

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5558
cf-polished: origSize=10085
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: cloudflare
etag: W/"5ba0ee53-2765"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=keAZzAe3q6b%2FLVLkO%2BFDjl%2FMEQt0SnpWOCUfdJUiRP%2BdlrwSLsRulUf%2B%2BTlWwchyIzCOgZO%2FkqDiebsX2HJuFbXxO8XOs7JKg9zg5Y2BRWvtW737p5S1A%2Fzj2Mt%2BLoJVk7ed6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 715dc1e13e6483af-MXP
cf-bgj: minify

GET
H2 200 main.js Show response
sud.ua/js/ 744 B
688 B 133ms
132ms Script
application/javascript 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/js/main.js
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cb0a6867e017c1d07862ef57ae439fd9062a8771c8b224c4deae9e26f883108

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5558
cf-polished: origSize=1857
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: cloudflare
etag: W/"5ba0ee53-741"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b0T%2BB10DZ1d3ePe3mmNEjumg20mlbtAcTga4ZUFh%2Fo%2FQfNn85lLomv9WF6j0PLv4a6tnGqFIGovkJ2Um4BJuhoR6dkD0Qfy9QvWOH28oG%2F%2Fa2dl1z%2FpyEjKbq2FMo1kZ3Hp34A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 715dc1e13e6583af-MXP
cf-bgj: minify

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 187 KB
42 KB 160ms
52ms Script
text/javascript 108.157.4.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

aeef17cb37c9f11b40b147b04e3f16ee3a2fdaa90bae2d503a7e3e99399ea682

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:54:57 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 285
etag: W/"2ed4f-4+kfuOk8lynXIin2Z82IybFv7jo"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 268679e7d17267a1a7a03722822fb800.cloudfront.net (CloudFront)
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-amz-cf-pop: DUS51-P2
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: jRTf3KKYIUKBSQHejhiXIJ14SKgF_4aHPrI7u5_uszUAH-j7U_7q2A==

GET
H2 200 28b7ceb6dba8fe7150ac3c08549b1fca_1.js Show response
cdn.sendpulse.com/9dae6d62c816560a842268bde2cd317d/js/push/ 115 KB
34 KB 170ms
61ms Script
application/javascript 2a02:6ea0:c700::4
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.sendpulse.com/9dae6d62c816560a842268bde2cd317d/js/push/28b7ceb6dba8fe7150ac3c08549b1fca_1.js

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

3e2a7a63ff39c91714f1e3e241b5e08fa8740b98b40dab91d9074f738117ffc3

Security Headers

Name	Value
Content-Security-Policy	default-src wss://* blob: data: sendpulse.com .sendpulse.com .sendpulse.com:4434 data.sendpulse.com .pulse-stat.com .stat-pulse.com .pulse-stat.com:8080 .stat-pulse.com:8080 http://.sendpulse.com:4434 http://.pulse-stat.com http://.stat-pulse.com http://.pulse-stat.com:8080 http://.stat-pulse.com:8080 .sendpulse.ua .sendpulse.by .sendpulse.kz .sendpulse.cl .sendpulse.com.tr .sendpulse.ng sendpul.se .sendpul.se .loginsrc.com .routee.net .bizml.ru .jquery.com .youtube.com .ytimg.com .vimeo.com .vimeocdn.com .tinymce.com .ampproject.org .hotjar.com .hotjar.io .ipinfo.io .highcharts.com .appspot.com .doubleclick.net .facebook.com .facebook.net .fbcdn.net .fbsbx.com .rawgit.com .cloudflare.com .jsdelivr.net .kissmetrics.com .bitrix24.com .quantserve.com .quantcount.com .twitter.com .offershub.ru .stripe.com .braintreegateway.com .mlstatic.com .cloudpayments.ru .woopra.com .jivosite.com .google.com .google.com.ua .googleadservices.com .google-analytics.com .googleapis.com .googletagmanager.com .gstatic.com .online-metrix.net .retently.com .maxmind.com .revisionme.com .yandex.ru .ymetrica.ru .mmapiws.com .bootstrapcdn.com .kaptcha.com .paypal.com .paypalobjects.com .mercadopago.com.br .mercadopago.com .braintree-api.com vk.com api.telegram.org .webformscr.com .yandex.net .cardinalcommerce.com .mercadolibre.com .supportsrc.com .instagram.com .googleoptimize.com .privatbank.ua .cardinalcommerce.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: ; font-src data: ; style-src 'unsafe-inline';, frame-ancestors 'self';
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 04 Jun 2022 03:59:42 GMT
content-encoding: br
x-content-type-options: nosniff
x-77-nzt-ray: 90DGA5ojMSc
x-77-cache: HIT
x-cache: HIT
x-age: 409412
x-xss-protection: 1; mode=block
x-77-nzt: AcO1rzXMIkH/RD8GAA
x-accel-expires: @1654510570
x-sp-ma: sp-ma-0
last-modified: Thu, 25 Feb 2021 13:19:48 GMT
server: CDN77-Turbo
etag: W/"1cd3c-5bc290188bc3b"
vary: Accept-Encoding, Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 data.sendpulse.com *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng sendpul.se *.sendpul.se *.loginsrc.com *.routee.net *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.yandex.net *.cardinalcommerce.com *.mercadolibre.com *.supportsrc.com *.instagram.com *.googleoptimize.com *.privatbank.ua *.cardinalcommerce.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';

GET
H2 200 css
fonts.googleapis.com/ 30 KB
2 KB 157ms
52ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i|Roboto:100,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599dc54e55dcba53ded24afcc18f1fffc7cbedc36695daed2b70bc8795bdd509

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 04 Jun 2022 03:59:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 04 Jun 2022 03:59:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 04 Jun 2022 03:59:42 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 141 KB
50 KB 184ms
80ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e11fa077727655e19cf79b0353fdaa81b33a631bd94423d18c1dae9fa5a8fef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50955
x-xss-protection: 0
server: cafe
etag: 16770361446145481121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 04 Jun 2022 03:59:42 GMT

GET
H2 200 logo.png
sud.ua/images/ 6 KB
6 KB 79ms
69ms Image
image/png 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/images/logo.png
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00decae85b73f456182a67b0226dccdb5590167c0e6878bb533c54b78843da1c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: HIT
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: cloudflare
age: 5558
etag: "5ba0ee53-1678"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dhFRo%2BqZC1pgR667SRrC9U4gwcWm8SG4%2BaEjCMhUrTjV%2Bd%2BGo85UYtJSKKXeO1ptjp9JVYMMU9glwTt9k4hx5q3y733a2Nu5HzYArBXB3pX3GF%2BuTcZNNqRU8WBa8bmvN4rVDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 715dc1e24f7f83af-MXP
content-length: 5752

GET
H2 200 40034c7716d5f76aef8146f8efdb819b22cecd83.jpg
sud.ua/uploads/news/2022/01/14/ 31 KB
31 KB 224ms
214ms Image
image/jpeg 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/01/14/40034c7716d5f76aef8146f8efdb819b22cecd83.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f894a8e1944cf685c9c8e08b280b8b2230d62a54cce03f5d02f9827ee4b78f3b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 14 Jan 2022 14:44:17 GMT
server: cloudflare
etag: "61e18c41-7afb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0pWCbpK3METMxUkTlFR7cWkHXazooHwwtL%2BuXmlZknT0yEqugl9H7MpIUD7UzmKv%2BhUy43owAd%2F4EWM56IrmRVEcRoLuGBIIhwjt7ZAboUQsiYLEuUO0xgSVsnfs5Pl8WLikAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 715dc1e24f8183af-MXP
content-length: 31483

GET
H2 200 c944d1bdd2384fb3f0ca3bfa07c04733088c0847.jpg
sud.ua/uploads/news/2022/06/03/ 67 KB
68 KB 224ms
214ms Image
image/jpeg 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/06/03/c944d1bdd2384fb3f0ca3bfa07c04733088c0847.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdcdd70464469c22309d276ed3ab7b623453920d5fdbfab07c858c1c17cb5f03

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 03 Jun 2022 08:52:03 GMT
server: cloudflare
etag: "6299cbb3-10d29"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8MvHKFQfmqq8cAFijREcwO84gXxPm0o8muwQgGnrda6Vm3XnQj97VbzI2XlQz1TI11HdSnY8HZZJKzvAQenbBbtblz5yeqlEilY2NJIb8eKYTJ72tPPxisDTCQqg%2FmFKwxAJRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 715dc1e24f8483af-MXP
content-length: 68905

GET
H2 200 e6d7cb8c1dfae7e01d7f85fc7ba607c39a73223e.jpg
sud.ua/uploads/news/2022/06/03/ 60 KB
60 KB 140ms
131ms Image
image/jpeg 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/06/03/e6d7cb8c1dfae7e01d7f85fc7ba607c39a73223e.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5917aceef0849e6dfc09dfc73ae23e99bf012c3fea8c2958e4af7a9f06a86e0a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 03 Jun 2022 13:16:07 GMT
server: cloudflare
etag: "629a0997-efab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ZrngAW52IEcGMXXILrKtEz%2BiJmNrRMfdtMzBBtnqBxByHZe%2FGZ7ThG6CmUhmcZa8niQB8iK1xcMLp7%2BFp2V9SjGbWybDdBtYMs2Ibc6KAoyUt83NlvkFsoykMpD8HP2%2FkLpOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 715dc1e24f8683af-MXP
content-length: 61355

GET
H2 200 a9f514ac83bc197fb6f3ebd5d5dcf606599c9d4f.jpg
sud.ua/uploads/news/2022/06/03/ 114 KB
114 KB 223ms
213ms Image
image/jpeg 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/06/03/a9f514ac83bc197fb6f3ebd5d5dcf606599c9d4f.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bf82581f4f730302fbfa69e2d8139a05c44fdad98d9fbc08f5350eacb8f7907

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 03 Jun 2022 11:50:05 GMT
server: cloudflare
etag: "6299f56d-1c6a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pNmaVotlGSz%2BU9W%2BDCxsgXlPj3CxHLhOblWN6RvyFMJFnPbJlHYsDLAga2iy3C2C%2BZ3%2FPvsqI12XfREgIrks6zrJq%2BNFSGGNU3dnVQbbChsyCDRIFX%2B2Se3IVWZghQm%2FPkCR6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 715dc1e24f8983af-MXP
content-length: 116393

GET
H2 200 682102b9a6ebcd0411652344dfbc40e0033b717c.jpg
sud.ua/uploads/news/2022/06/03/ 70 KB
71 KB 224ms
213ms Image
image/jpeg 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/06/03/682102b9a6ebcd0411652344dfbc40e0033b717c.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e6b50fbf4b69c2f3f90f5306adfb3294aa242bde61c757754fc38fd7286728b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 03 Jun 2022 10:09:26 GMT
server: cloudflare
etag: "6299ddd6-1190f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bzQue8LUWxG7uOy87PncxDTaXV3UoO3XiFGDULofLsSv8E0%2FJ5A1SAK1vLDsCWKvtJ2Gpx1u3EXuP%2BA368yMt8eVQnyFsvxZfebtYW9EKNdbYnf2NOHEYi4%2BMPe1LGEV0allaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 715dc1e24f8a83af-MXP
content-length: 71951

GET
H2 200 ec7baf214c403643708cef08bd2a18d45c352c90.jpg
sud.ua/uploads/news/2022/06/03/ 72 KB
72 KB 223ms
213ms Image
image/jpeg 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/06/03/ec7baf214c403643708cef08bd2a18d45c352c90.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7e676a971e5b23d9196fe91aa2454c5e9e8eedf89f0e1b66aedc6a457b1a0ac

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 03 Jun 2022 09:45:58 GMT
server: cloudflare
etag: "6299d856-11e84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MFmQSiM%2BGZwixYxH3Yb6fufzRLNEvJq%2BtbKsMTgTVWUlxxAqQojaQA2kicC2Ggu%2F1H3Yo541RkW%2Fck0Z7uuGybcnKfwt5eeerfewHABya4YMsIvx5xI0GiqyzBPxv9gapwW6Ng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 715dc1e24f8b83af-MXP
content-length: 73348

GET
H2 200 053bee296a2bd0d495aa2b459985c4a52509d203.jpg
sud.ua/uploads/news_author/2021/ 7 KB
7 KB 228ms
218ms Image
image/jpeg 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news_author/2021/053bee296a2bd0d495aa2b459985c4a52509d203.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4421d41187e81c01fb405db52576656073cf9cf7f9d1dfb4de1915da0510853

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 26 Jul 2021 12:36:02 GMT
server: cloudflare
etag: "60feac32-1c3f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3LjjhKGGgvr2WNAAiKHrnJqVTh8X3KBQqL3KA3dEsS%2BIJRNVhywnib61Jf%2B29E1HbB0HJeqLi5uofCOBIfAmuhHLfPr8TM%2FKYc31eSLAtry5W%2BeM9x5Se5miBkLhLy6qJIRv4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 715dc1e24f8c83af-MXP
content-length: 7231

GET
H2 200 6e309565966db8744fb9932f0d8b6ecba9e05b51.jpg
sud.ua/uploads/news_author/2021/ 5 KB
6 KB 231ms
221ms Image
image/jpeg 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news_author/2021/6e309565966db8744fb9932f0d8b6ecba9e05b51.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4290896de2ed388e9186a88acd6c76baf5b7d830755b809551e9bcd88b6d2f2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 03 Mar 2021 07:28:04 GMT
server: cloudflare
etag: "603f3a84-1586"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0X1wZOrIe041vaj78JOHKIeIYxxgg0GjMWWQBPiAOKFshaqzYaqzgCpYGQkngCL3XDhtjvZDy7y7FAuqXQ7d%2BBdDKyYIBG6VWKpw2d0O0QXsmwS31dMoE%2FKxoGPc1z6cMyME5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 715dc1e24f8e83af-MXP
content-length: 5510

GET
H2 200 1a2c99489329025b0c7df166747ba3c06ee02c23.jpg
sud.ua/uploads/news_author/2020/ 7 KB
8 KB 223ms
213ms Image
image/jpeg 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news_author/2020/1a2c99489329025b0c7df166747ba3c06ee02c23.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e79d1280b0336fa2f1f507a1efc1803fe6961a376e1dd6fe0e00ef4e78c9cb59

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 14 Sep 2020 11:24:49 GMT
server: cloudflare
etag: "5f5f5301-1cfc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AhyGahW3LcyWFQTvptIB7xF1kubwln2L%2F1r5N7e4sJWiJ06PgajcIVfk5epDtIiMfculfhBPVzbwRH1OOxdKyDxEW9VnPji55QAy%2FljqqWPTJXPkwD3Iykv8mR%2B6YCwfJOOkMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 715dc1e24f8f83af-MXP
content-length: 7420

GET
H2 200 05c8eaf4482fe3ca46fe88eef3b7f0ddeaae33e3.jpg
sud.ua/uploads/news_author/2020/ 6 KB
6 KB 224ms
215ms Image
image/jpeg 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news_author/2020/05c8eaf4482fe3ca46fe88eef3b7f0ddeaae33e3.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fae7a1a8722e16860c1134a7697e021fa2da4defe73cbd0b97f5739c869e7778

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 17 Mar 2022 09:55:26 GMT
server: cloudflare
etag: "6233058e-185b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8sEaKMdYPxkPA8kDJhIUIT1GjsyOby6Sq8o038MdYRu79WKTlusQr7RUHdfcoLETEKqxdeCqc9qDmqim%2B6wop6W1kc2qf%2F01pivbLd0PYjq%2FEVzIAjnAqOH8fgdoOsZcCVieBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 715dc1e24f9083af-MXP
content-length: 6235

GET
H2 200 b298b71a5299e8e57b76db45ca0af7f6cc3a43de.jpg
sud.ua/uploads/birthday/2018/ 24 KB
25 KB 228ms
218ms Image
image/jpeg 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/birthday/2018/b298b71a5299e8e57b76db45ca0af7f6cc3a43de.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98aa391f0608eceaa7c71c076b75d88adc129bf40380b09631e6733e861a2433

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 31 May 2018 12:01:39 GMT
server: cloudflare
etag: "5b0fe423-61c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cgtcsjeWJBvi7dr3hBe%2F5Opl9TGDYvihRXVc0Po5skRLY3WuaBQr7w5eXDbgdLxsRVl%2BstCX%2F661ZWLffjMmVrZbBSf77u0%2B0D7rCAwJBsF4WIRTEw6I7WyExz9QSg6HkY%2FD%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 715dc1e24f9283af-MXP
content-length: 25025

GET
H2 200 99595e163583bfdf44a06ff4a0bc4b5b5d7007a2.jpg
sud.ua/uploads/birthday/2018/ 26 KB
27 KB 241ms
232ms Image
image/jpeg 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/birthday/2018/99595e163583bfdf44a06ff4a0bc4b5b5d7007a2.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d33afe197c7b6bad02ce2b8820a48bdd07e4fafb2d7990ed379f713a4bcdb159

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 07 Jun 2018 12:26:48 GMT
server: cloudflare
etag: "5b192488-6951"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AzMeZU2HHTDTXlt02Mv3O2d%2BTwjaZGAMojbysrYQcH4DDFlDkDsAmpGeU2xXxM55L7JO%2BDqvtlTtZgr15%2Fb%2FRQ7UKpXWOYij5GT9PGwewpkTV5kBn2u90L%2F0dXyd2Z1mt%2FmNyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 715dc1e24f9383af-MXP
content-length: 26961

GET
H2 200 3fe6adef46c22c6f4d434e8a4d15e3b7949d68db.jpg
sud.ua/uploads/birthday/2018/ 22 KB
23 KB 229ms
220ms Image
image/jpeg 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/birthday/2018/3fe6adef46c22c6f4d434e8a4d15e3b7949d68db.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b55da3ab31e6f4e8211675d7761472fefdcc6f8714af83858a63aa72402d13c3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 07 Jun 2018 12:26:59 GMT
server: cloudflare
etag: "5b192493-5901"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yPXKI9fdE58NhkcMTLQhPQUMHub4wfoSE4BWRfQYhKYCXSqYKSKD5jnKunheKBcNMHaMNOqSWbgSPjw7%2BeXdkjXu4qU0EjgdayWFilpnAl3XpEFtM2e%2BdQoe1gGT%2BgbrWIpDOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 715dc1e24f9483af-MXP
content-length: 22785

GET
H2 200 e97bd137fd6be8880f45feb393b58c2ca3ec8c0e.jpg
sud.ua/uploads/birthday/2018/ 22 KB
22 KB 227ms
218ms Image
image/jpeg 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/birthday/2018/e97bd137fd6be8880f45feb393b58c2ca3ec8c0e.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a8a4e33cd451e75add3249a138114cd1780c123c61103be37dbbefd5e3ca57

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 31 May 2018 12:10:14 GMT
server: cloudflare
etag: "5b0fe626-572f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v9z66Yslyhq1tNegNN1PMQI9SZZiZg6F0oUgA0a1HXbQcUzxoCgOoWQwXOV217Vtnx%2Fn0lNsXdusYv6Nfiz7pfZnlMvu1xcMYxopiNUJ51aSyGsFz0E4KgRMQvlmrHVBJNZc1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 715dc1e24f9583af-MXP
content-length: 22319

GET
H2 200 104d8f68fa2ed311dc79eb7405cd5040b8383e00.jpg
sud.ua/uploads/birthday/2018/ 20 KB
20 KB 240ms
231ms Image
image/jpeg 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/birthday/2018/104d8f68fa2ed311dc79eb7405cd5040b8383e00.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d90656aa028f8afc907abacfc4bf64edcc3b774da45af17e726bd269ee39c3d6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 31 May 2018 12:16:05 GMT
server: cloudflare
etag: "5b0fe785-5008"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0wnChfpfvVLvbcQz7rgRWy4TABJLjGIVylht6B3Tvcd8relMZOHUt1pbL8o0ipvB3XBIXeqgHaQar4oTV3LL%2BIAfHZVoeyHoTcGdR4V93ZtzdMEClnPxbZpBcWFVJhEy3zHOUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 715dc1e24f9783af-MXP
content-length: 20488

GET
H2 200 7d4310e9c7ff8411044395250757329fbe51a1e8.jpg
sud.ua/uploads/news/2022/03/02/ 23 KB
23 KB 229ms
220ms Image
image/jpeg 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/03/02/7d4310e9c7ff8411044395250757329fbe51a1e8.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cdf5567f539f9b0bafc133017fb118f00af633014f152006080ff84d6b3937c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 02 Mar 2022 13:09:17 GMT
server: cloudflare
etag: "621f6c7d-5cac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WyS16Bfigot3871HatFEre00a4hnsQdcxyCAY8qFb88Nn5ULu1aNGdJ1N2EnMIKNV7U%2BvL9kGlcO6cFrrk6Uk54KB1QL1fRAVBeii9UjPDkxNBUcIlLVAWDoMCLNdL34%2BwtDDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 715dc1e24f9883af-MXP
content-length: 23724

GET
H2 200 a2ae585b1481d310123712a31599dc99a2f6cd0d.jpg
sud.ua/uploads/news/2022/06/03/ 66 KB
67 KB 229ms
221ms Image
image/jpeg 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/06/03/a2ae585b1481d310123712a31599dc99a2f6cd0d.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d571302d9fd2fa30c6e51828070c67aa2ae1e675e4035265a041c9aa4ac583de

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 03 Jun 2022 15:30:11 GMT
server: cloudflare
etag: "629a2903-1092f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kRY9qsXyVsIMzg7f%2BsEuxQJws112as6OSipDL%2BtETO7fDYtMU8iarl1%2FNucKjmhl6cC%2BvtQiHGEx8g3nOJiDqPV1GPX0LuE0YAk%2FGdZgaS8m02vLtMu1O9gCyWoMCbunqYGgXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 715dc1e24f9983af-MXP
content-length: 67887

GET
H2 200 cb1228906a6a3765f79cb778fc320e83b335f878.PNG
sud.ua/uploads/news/2022/06/03/ 437 KB
438 KB 239ms
230ms Image
image/png 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/06/03/cb1228906a6a3765f79cb778fc320e83b335f878.PNG
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 491267bea092ebed19c1a3e76cf5229f41b3166da4bcaa47f9e22ec74e84c1be

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 03 Jun 2022 14:15:18 GMT
server: cloudflare
etag: "629a1776-6d4a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yonSJnTs2WCkMOo8R8v29gCvciCmH3QzkrfqA%2FdOBROD7EW2XDIAkkKBKLb2U8I1FN%2FkLN66q%2FpeT6COtTaU6z44ngY3idw1KXMDD99VmQ1CAfamx7BCO6v1%2BtP7Ac36keAJpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 715dc1e24fa383af-MXP
content-length: 447654

GET
H2 200 6c08032bee59a42130de11a6d8075873699d08b5.jpg
sud.ua/uploads/news/2022/06/03/ 80 KB
80 KB 239ms
230ms Image
image/jpeg 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/06/03/6c08032bee59a42130de11a6d8075873699d08b5.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15ec91645874851f06fd217577d96477540b765e6fecda37a83fdbd6b661d8a1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 03 Jun 2022 15:01:24 GMT
server: cloudflare
etag: "629a2244-14046"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=REVqyCzCS9hO7b2VwePHj2%2FS%2BpbraYP8UDLPDWrEX4wRO3bPE0YtoCdQMO%2FpvsUo1g920Fj4a7rQJNKV4es0XybLGH9qAg5%2FU6PKRRkw5F9jdXVlMY%2Ffzy7k3CIRROu2bgjr9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 715dc1e24fa583af-MXP
content-length: 81990

GET
H2 200 cc9a4f804e213e9800131bce485623727955c09e.jpg
sud.ua/uploads/news/2022/06/03/ 66 KB
66 KB 583ms
574ms Image
image/jpeg 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/06/03/cc9a4f804e213e9800131bce485623727955c09e.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94d06d4c6c000fcd763c9c07395d2d024e91dd172bbe434e1959a26ffc8e3b0d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 03 Jun 2022 14:56:33 GMT
server: cloudflare
etag: "629a2121-10694"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NwsAVPidsENtNL4C2pgdxIvhmf78dNz6pD2Wq%2BhoVkGpe%2BMN%2BMwUCfeYxVIVD2d8gg1gb4DKMpvNRjCHK47lcPH7OnHo%2FDOq57wduhV9xaZtv32YlEoB0KlZZYv7yjKk7B%2BtQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 715dc1e2a81083af-MXP
content-length: 67220

GET
H2 200 2ee3af1de0f0b6d2a6e64d188f59f3c9bc8340de.jpg
sud.ua/uploads/news/2022/06/03/ 53 KB
53 KB 373ms
364ms Image
image/jpeg 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/06/03/2ee3af1de0f0b6d2a6e64d188f59f3c9bc8340de.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1377202ee27aaeb447f19e5ab445b7310e12e871149cf1a82608a076e399312

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 03 Jun 2022 14:37:21 GMT
server: cloudflare
etag: "629a1ca1-d40b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y0RS%2FAb2oAj780711q55EoD2tabbLpGiMagWc4ftEpCS6fJjFC5%2BnbkL8VRjOBezpxMm0eOO5PAXro77pSS7vMHRsrrFWYHUbYGMBgnxXGRTNyL0rihbuRtGahd%2FQ6%2BoHIR8Jw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 715dc1e2a81283af-MXP
content-length: 54283

GET
H2 200 9ed01cd0eb4b1f6380145ad528d0638da191e034.jpg
sud.ua/uploads/news/2022/06/03/ 28 KB
28 KB 291ms
282ms Image
image/jpeg 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/06/03/9ed01cd0eb4b1f6380145ad528d0638da191e034.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9eb16bd7bc43f90461d7e0778a15d5410b59f68d8345d870a8b9e4c9b757a194

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 03 Jun 2022 15:55:24 GMT
server: cloudflare
etag: "629a2eec-6fca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VWqjG3EFjgeF9mpHfvwWVjudIS3ka4RSGkYQiuXMb2Bm6gnMfzVQzDJ%2FFeeA9BJYHI7aRnjVLTAG5yGCuZBo7g3FBhZ5eDsMYzd1T10mQmMGZ7UStF1ZSFDaLSfjtvZ17teSkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 715dc1e2a81383af-MXP
content-length: 28618

GET
H2 200 ae42c8a34577652238e00f79b40d5bef7d2c19bb.jpg
sud.ua/uploads/news/2022/06/04/ 23 KB
24 KB 484ms
475ms Image
image/jpeg 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/06/04/ae42c8a34577652238e00f79b40d5bef7d2c19bb.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e5b9b4e416a49be5a436857bf3bcb82e230df24b18f99fbcb5b475ba83afce5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 03 Jun 2022 20:55:01 GMT
server: cloudflare
etag: "629a7525-5cc5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rEV%2BmOElm9tU9zUv2s4bULGEBx1AxWDpJv%2BLOWbeQMUwVEUkQXD%2F7N6aaD2j50L9DlyBoRwQu8w%2BsDQyXzHM%2BLcTFFiHa%2BZWEdliDsuWQojj%2BaqL99BP26wxn2%2BF91wtZLMS4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 715dc1e2a81483af-MXP
content-length: 23749

GET
H2 200 687c56bb2ba5bbaa3bc7bf9ae52e5e21055eaf85.jpg
sud.ua/uploads/news/2022/06/03/ 21 KB
21 KB 379ms
370ms Image
image/jpeg 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/06/03/687c56bb2ba5bbaa3bc7bf9ae52e5e21055eaf85.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 343c9542d86ea159d5daa1d3baa27ff88bb1dd7283b737f563cc390efac61a82

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 03 Jun 2022 10:03:40 GMT
server: cloudflare
etag: "6299dc7c-5285"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PwNoy8LLsE%2Fsfyd0c0cwTvYHfFMuWvXphUSp7HLZH%2BLKCQGmTqHosDL2da2fqliia8ffg0MTvSlwzlZvyQF0IqaudEU%2BCJoLhQQ%2Fc7oHgEbOWI89bfzcQM%2Bd%2FPaAL2N53De7gw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 715dc1e2a81583af-MXP
content-length: 21125

GET
H2 200 4de2033fb4bc9c17371dcd7c225ecb49b8e669f4.jpg
sud.ua/uploads/news/2022/06/01/ 24 KB
24 KB 291ms
283ms Image
image/jpeg 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/06/01/4de2033fb4bc9c17371dcd7c225ecb49b8e669f4.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41aa56d75de2ecfad62c286a5257069a7c6fc4e1fc7e82ed5c843748433a1f19

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 01 Jun 2022 09:14:55 GMT
server: cloudflare
etag: "62972e0f-5f9f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EQxsvrkDUSUCDywXOgbwBubDw6TKwQotmgvtdO8L1GruvywscP7fydkHN7gR4gQyKGRAP4mZzWegwqEik%2FRsiianHxFM6OUmmb%2F%2FWLAh08EoXyr5a5R4jM5YSJiGB%2B3ERY6qHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 715dc1e2a81683af-MXP
content-length: 24479

GET
H2 200 6c01089bcbbc126f2e528ace2cb10f932b15683b.jpg
sud.ua/uploads/news/2022/06/03/ 21 KB
21 KB 372ms
363ms Image
image/jpeg 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/06/03/6c01089bcbbc126f2e528ace2cb10f932b15683b.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 959869aa48273cf056f93b7b1895144dd746841e6edc1cc58db3b45a8c1091f4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 03 Jun 2022 18:11:19 GMT
server: cloudflare
etag: "629a4ec7-527e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RUjwX0jlmtAKSiKrL%2FLWLd4EUv3KIJf%2BEYsszW5MQBc%2BxroY4Dn5Xoi8p%2Bl80jutvvk5gkyaD1U08bUV7ciHhvlQyi%2Bh6X8vuoFW31SScsEFtd%2B0DEo4y4MJa9h3fOy2B4LNrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 715dc1e2a81883af-MXP
content-length: 21118

GET
H2 200 42dbf40fc0042a390430d87c1694c7b3017102af.jpg
sud.ua/uploads/news_author/2022/ 6 KB
6 KB 710ms
702ms Image
image/jpeg 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news_author/2022/42dbf40fc0042a390430d87c1694c7b3017102af.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93977e7c8fd2f2d93305a05661dbe50ddd358417bc557222ba1ab47814c9e859

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:43 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 09 Mar 2022 14:57:20 GMT
server: cloudflare
etag: "6228c050-166a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xV89P57S3QbMxDYFK%2Ff3S0LIY5QIxXHLUDOsirRcrCfqk4TliyLWeBTVJh6s%2BzUeF6X82nNr2zeJL%2BqU261lT28i1qcUWJ3sqW2pFPiLexDUbv29ysxGw65i0nMFh7PUF%2Fnawg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 715dc1e2a81983af-MXP
content-length: 5738

GET
H2 200 b1437ae8d85465fb88d2a5534a3870d7401fa50a.jpg
sud.ua/uploads/news_author/2022/ 5 KB
5 KB 392ms
384ms Image
image/jpeg 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news_author/2022/b1437ae8d85465fb88d2a5534a3870d7401fa50a.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ed901ede0a92f683fe1204f4fc894172ca75738716cd91b71d3e541f8f5cb14

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 11 Apr 2022 08:36:05 GMT
server: cloudflare
etag: "6253e875-1460"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PXX6SvEaXjFrwNhQciyZYKK9DrcJdB%2BrjX13HwQJVrOcZ65rH13vV95HnbkIPlcJStukyiLr7wlFnlXitE5R57QnGaiVeaPk4OriXsiaIwARz%2FlsXNz1rN2Ydpn5ZwaoqmKPOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 715dc1e2a81a83af-MXP
content-length: 5216

GET
H2 200 4354e9b3cafb92578a592d73a74868b5010f2fde.jpg
sud.ua/uploads/news_author/2021/ 5 KB
5 KB 392ms
384ms Image
image/jpeg 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news_author/2021/4354e9b3cafb92578a592d73a74868b5010f2fde.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77667fb41448b850fe26fc703b90ada745b39e77a6d0ecafba9af0e89da66cb3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 22 Nov 2021 09:28:12 GMT
server: cloudflare
etag: "619b62ac-1394"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ANywvPJUM7yphiXu5X1Ns9%2FoI3VBmt3BJsd4LHBGCC9bv%2F3%2Fz7K8s03%2BG7QFUsT0ezl%2BZQFo1%2BX5R12zcr0znErr%2Fhket5kf38fsBkHob3cAeMTkf0JS6FAPLbwsSdxhpEscCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 715dc1e2a81c83af-MXP
content-length: 5012

GET
H2 200 956109ea9fff61a92023f5799a5087deb9853df4.jpg
sud.ua/uploads/news_author/2022/ 7 KB
8 KB 373ms
365ms Image
image/jpeg 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news_author/2022/956109ea9fff61a92023f5799a5087deb9853df4.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33ec6a95baabcf5af458a8193df2245fc7a13997afc8d82aa9e4f77cf9acc7b6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 09 Mar 2022 19:15:10 GMT
server: cloudflare
etag: "6228fcbe-1d35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FwLeI2caOA%2Bp956Glq9veyS9r3UAIzwt2H4etoCDvgovdV4qJcK2fKJ1wQJv%2FkQTkjIq%2B9fociA1CC7N9M2%2FAK5bPbrSgFAYGJWyCfp5xdVh9OII22sp9%2B9D7Qw6cdbFx5FknA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 715dc1e2a81d83af-MXP
content-length: 7477

GET
H2 200 9fe6492e8f84f4c1e706d30b9180027c9430fd0a.jpg
sud.ua/uploads/news_author/2020/ 7 KB
7 KB 638ms
630ms Image
image/jpeg 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news_author/2020/9fe6492e8f84f4c1e706d30b9180027c9430fd0a.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd5744bf5cb2ac2e0c42956ac12a8fd105689598b89136b122c7786e81347926

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 12 Oct 2020 14:43:02 GMT
server: cloudflare
etag: "5f846b76-1b3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YzEDsOUtiTPK3ntVp7JlCzhABg8lOQcifGLgAxCNGdoQx%2FKIqVmEWnGG6AOuv7tAMWBlEbuJazRwDb1A%2Br8UyztI41giUi3eBs2dGr86rQin1D5dFco%2FYXf9lSciXFB5KXK8Cw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 715dc1e2a81e83af-MXP
content-length: 6972

GET
H2 200 9b3887a379baec42b9b5de9dbcb995cfdcda1b63.jpg
sud.ua/uploads/banner/2016/ 300 KB
301 KB 372ms
364ms Image
image/jpeg 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/banner/2016/9b3887a379baec42b9b5de9dbcb995cfdcda1b63.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13cd5c51c459b11de3be896c4efb3cf3c32b5ed3a11128dceac6f712dfeaec3e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 31 Mar 2022 09:23:50 GMT
server: cloudflare
etag: "62457326-4afda"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PO%2FcWiWrhcrnkB2WRmCruv7lWVH2iDVOM5No1XZH3CQ6q7CGcKJ3Qpk2%2F3j2ijMfXqUyAeiq0IW%2FZL%2BPNLvnkIsjfwcvzAKaPQ7rni2LBYR55kV%2BYuqqfGSfXI0Uv0BGOKoXQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 715dc1e2a81f83af-MXP
content-length: 307162

GET
H2 200 bb6dfb86fc621e228c61197757d62b9bfc16b956.jpg
sud.ua/uploads/news/2022/05/24/ 193 KB
193 KB 1196ms
1188ms Image
image/jpeg 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/05/24/bb6dfb86fc621e228c61197757d62b9bfc16b956.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00ce88d03def96531104b9663bb9ff14b59f9046b3980a0d1be011ebe37afbb6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:43 GMT
cf-cache-status: DYNAMIC
last-modified: Tue, 24 May 2022 09:53:54 GMT
server: cloudflare
etag: "628cab32-30278"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LnlwmwlZzPAf9cVIz60Avhc0z03P9r7xVi9iiroirTT2oGguOlXT4jSdl9os4kbSzkpod%2FAhcYWY498a8pfR07zY71t8BTJ%2BeeHhTvF2MKAbO8rA46bg4IfFNATVt2insfTUjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 715dc1e2a82083af-MXP
content-length: 197240

GET
H2 200 a81be21503ee1f2afe6936d2dfe1f9a524c3f0eb.jpg
sud.ua/uploads/news/2022/05/22/ 83 KB
84 KB 278ms
271ms Image
image/jpeg 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/05/22/a81be21503ee1f2afe6936d2dfe1f9a524c3f0eb.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0be4fdac90e369038d1b323fe54fb8b0a74b9b6734369a261d7d1c6f89f0f35d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 22 May 2022 14:28:55 GMT
server: cloudflare
etag: "628a48a7-14d70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=85%2Fqb5KtGm0%2F3rzusGl0QocutGipoHU%2BUsm%2B%2BGDuagdzgxKQYrhxZfCmCuMFG9%2B18rx6yp%2F6ut9XfD3fQA%2BWuYr%2BuzqfDCgI6mOl1v8QBvT1kQ1GuumLvqhmmqrecHvn3uXMOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 715dc1e2a82283af-MXP
content-length: 85360

GET
H2 200 604bffde48848cdcb6521940e175061f8257bde3.jpg
sud.ua/uploads/news/2022/05/22/ 70 KB
71 KB 469ms
462ms Image
image/jpeg 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/05/22/604bffde48848cdcb6521940e175061f8257bde3.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3d5191efb7d425f694215b8a9325030cd918bfc73d5c2d8f4babe518d7c8e83

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 22 May 2022 16:26:12 GMT
server: cloudflare
etag: "628a6424-119bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HIm%2FX%2FpvSb4U4hqSxJ8N737XoCLeNVONDZAoVkdnPVE5yH9kXVWBCKfmB8EBxn6TW6rScj1aEc7YmhzhuruV1BPkK9lJaYG%2BJrGFF6yPkBaB3co5ha8iKtP71u68ouqGB%2BOnpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 715dc1e2a82383af-MXP
content-length: 72127

GET
H2 200 855d65ca763575386adee6a15a58e17999a11fd5.jpg
sud.ua/uploads/news/2022/05/22/ 127 KB
127 KB 1195ms
1188ms Image
image/jpeg 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/05/22/855d65ca763575386adee6a15a58e17999a11fd5.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2d9389468e883560b5167907d24ea6463bdd4d2d8b2ca7197f5ec892f3d63b6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:43 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 22 May 2022 10:20:39 GMT
server: cloudflare
etag: "628a0e77-1fb40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XXgYPdxoGPvbYkc4%2BxWTZumYr9YvLsuG0lNOCrJYNfYoL%2BjobwF8evW%2BPN%2BwevhBgE8iPm%2B5bL1iKuBTdrHqOp5Dxeb5P3kbz%2Ba5ASB7yBb00zfaTq9pk1KALO7lS%2BuDdF%2FLkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 715dc1e2a82483af-MXP
content-length: 129856

GET
H2 200 bc590b7bf312c41201e0ffaead2da78578fa029e.jpg
sud.ua/uploads/news/2022/05/21/ 214 KB
214 KB 1196ms
1189ms Image
image/jpeg 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/05/21/bc590b7bf312c41201e0ffaead2da78578fa029e.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a58ff3351925f2087cd976aab10b26c058c850160ee3a0a81f429659086eeb4c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:43 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 20 May 2022 16:08:44 GMT
server: cloudflare
etag: "6287bd0c-35664"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2FANHFvjKCULNxTqDm%2FpAqQ%2Bz%2F6WPeh1zFXtYDgnFFBdJXp13UVoRbTIvzHsH4j0oC3rHd2naoyA5Nwan1Pc7jTLGrnYrBYJAEdBrucgV1bj%2FBh8e%2FAdIirXAt9atE6B77FQkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 715dc1e2a82583af-MXP
content-length: 218724

GET
H2 200 b3ada678e1af0e748b5cd897b3fd8a7ee609007b.jpg
sud.ua/uploads/news/2022/05/21/ 108 KB
108 KB 277ms
270ms Image
image/jpeg 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/05/21/b3ada678e1af0e748b5cd897b3fd8a7ee609007b.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33b33ea4e6b3d60258cf1d4ab23c48ead8d4971e38db9c4a33cb421d97adcadb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 20 May 2022 15:13:04 GMT
server: cloudflare
etag: "6287b000-1b001"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SL6PcFW79ZQsc7fhBkob8rYE%2BACoQdroA0%2BhZQ%2B2nFB%2BGpXwncjaSj2ET1iqWMIjmZCMOYogpHkTYwhtshJXkdIeWZWGBJ%2BnDpLOTZ1en07ncbDvM0wqgIbPwgSJ5C0S7tuMbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 715dc1e2a82683af-MXP
content-length: 110593

GET
H2 200 email-decode.min.js Show response
sud.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 66ms
66ms Script
application/javascript 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sud.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 27 May 2022 19:22:11 GMT
server: cloudflare
etag: W/"629124e3-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5fLocJeQzNqO%2Buy7GMhPhDRGfFM4mrxhxOyX%2Fw7fcAbrwBKwLMsiGgzplT8EedftCAjW4K8wLThG0c16L%2FS%2BiEfhKyl%2Bxf2xJLvNyugeTyJHymdYN18CmrtbFmG3a%2F3RwE0yzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 715dc1e1df1383af-MXP
vary: Accept-Encoding
expires: Mon, 06 Jun 2022 03:59:42 GMT

GET
H2 200 62f78db8390b1bdc601e00086b78cd01379af215.PNG
sud.ua/uploads/news/2022/05/23/ 540 KB
541 KB 1195ms
1189ms Image
image/png 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/05/23/62f78db8390b1bdc601e00086b78cd01379af215.PNG
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa8f4ada5a02f96f040affe3cd41d8dd6b217b9eb390cf7d6ca0461c0a41cb9d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:43 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 23 May 2022 13:45:18 GMT
server: cloudflare
etag: "628b8fee-86fd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=spGdyz8sVV7WPFuNviqMspF85kiwt6635ETSygXqNEPxwf9qqEpjFiX%2FogaGcPhicDhRoVoe1iUKj4%2FfBJ7y87OKx9TsJXHuKaCX6XDIyZsyJkXzKVufId8fmSiytEO5Yf7L2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 715dc1e2a82783af-MXP
content-length: 552920

GET
H2 200 f8f458b633966c7b8e56a050ace5f2fb9e995577.png
sud.ua/uploads/news/2022/05/23/ 310 KB
311 KB 354ms
347ms Image
image/png 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/05/23/f8f458b633966c7b8e56a050ace5f2fb9e995577.png
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be9304cfbb910f119eb6209ccf6a5b2d8e174711e2a14d3991c9c3de97ef661b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 23 May 2022 08:47:18 GMT
server: cloudflare
etag: "628b4a16-4d761"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BX%2FeF04%2FH45a8%2Fq2zZV%2BX%2FSHeUTaQxFDEhyW7ClhA7PjBmzCed4GhzUDqi9Dh9NdgSYoCE7YPoymkkinKfSZU%2BajtjYZOAcYWd%2F7IL3FeEAPjsa1DYxzTLWEt%2BFZPCBxffV8wg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 715dc1e2a82883af-MXP
content-length: 317281

GET
H2 200 20ef0055b098fc819fafcf90cd906bdc9fb6604f.jpg
sud.ua/uploads/news/2022/05/22/ 68 KB
68 KB 580ms
573ms Image
image/jpeg 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/05/22/20ef0055b098fc819fafcf90cd906bdc9fb6604f.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52948751be15764e667fa31f8318deacaeffbda00b52955d8b0b3cddb25e9cf3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 22 May 2022 18:34:32 GMT
server: cloudflare
etag: "628a8238-10e2d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YVxfdHZeWYQxRTj%2FxArP2pdbXgNKLlKLvPcGEPeNufI66TY5QexkkenuRM5PteqJT4IjMTnv1m3zL2H8VjLMCilQdz9OjyWQv4PW07%2Bl8WJcLNSRcZijdWs%2BcHyIGme8ylxg4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 715dc1e2a82983af-MXP
content-length: 69165

GET
H2 200 5b09e3ef4f78ce5c0ad6b179561695b828450463.jpg
sud.ua/uploads/news/2022/05/22/ 103 KB
104 KB 590ms
584ms Image
image/jpeg 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/05/22/5b09e3ef4f78ce5c0ad6b179561695b828450463.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb49e222201cc9d523591ec2342060bcf6330ca4e0eac60c9ef350b9f7bf1780

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 22 May 2022 10:12:09 GMT
server: cloudflare
etag: "628a0c79-19de8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=547nM2YcRn6QLYXkm2HSW2%2Bbont%2B7C%2FnwmKOoJSRhtFmIne6MI44KNZRC1OfNwTP4wC%2FhMc4MFzE7Bxlx%2Fh45wg2yfbxFbOouEMjt6TwsQVj1rtcYn39Fgww7eb%2FgvWWsAVnGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 715dc1e2a82a83af-MXP
content-length: 105960

GET
H2 200 7df51e95816ae6bd5e260e237879b8c493b70719.jpg
sud.ua/uploads/news/2022/05/22/ 117 KB
117 KB 561ms
554ms Image
image/jpeg 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/05/22/7df51e95816ae6bd5e260e237879b8c493b70719.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f33b54cc71185fd1aa2a8fab811b855e146a77cb0799b9a499ea777b9ae9f743

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 22 May 2022 14:41:23 GMT
server: cloudflare
etag: "628a4b93-1d347"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2BbMRAcYDtk6yvPbdcaFMsoioSfBtxheuLv%2FrDSk8E0CdkZ23vMtytPK3F%2Bqu3E%2FR8%2F8wS2QC102qESBvKY1vfw2JKivwikIdJijvSfa6M2hHrpsk%2Fq8AGZyHE3UgNvoQ9kMaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 715dc1e2a82b83af-MXP
content-length: 119623

GET
H2 200 4e845a8066d5a8247be2d26ce20368230d0e83da.jpg
sud.ua/uploads/news/2022/05/21/ 81 KB
82 KB 380ms
373ms Image
image/jpeg 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/news/2022/05/21/4e845a8066d5a8247be2d26ce20368230d0e83da.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6cb58d7636f83367aef31a8a443ae6996fc50fb3c569f37044a770cfa68ee1e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: DYNAMIC
last-modified: Sat, 21 May 2022 18:12:53 GMT
server: cloudflare
etag: "62892ba5-145b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3s6t0lbfFGWH1YsawRBpwSO6EzjC4vnewV9INU%2Fsj6OMOx2pbDUwIBoqcSh9S3igA8WDwc%2FB8tODhMkFQMC52NYEK0GpefWz73L8gvViost9XqX99eP59BqweQmIdWzOwGv3oA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 715dc1e2a82c83af-MXP
content-length: 83377

GET
H2 200 rcode.RXTtRlV3fD.js Show response
recreativ.ru/ 0
62 B 219ms
43ms Script
application/javascript 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://recreativ.ru/rcode.RXTtRlV3fD.js
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
server: nginx
content-length: 0
content-type: application/javascript

GET
H2 200 reset.css
sud.ua/css/ 773 B
733 B 72ms
70ms Stylesheet
text/css 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sud.ua/css/reset.css
Requested by: Host: sud.ua
URL: https://sud.ua/css/sud.css?v=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82f1278f66b192a223e306d884f8db595ef3b6d829cc1544807b9bf40019403e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/css/sud.css?v=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5558
cf-polished: origSize=985
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: cloudflare
etag: W/"5ba0ee53-3d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZbEBuueOEi8hBg0hvoJoTCCNeI8hay%2BKwN1GfSwbre%2FM99bPUB24M72wmymv0oM5OW6lBjFupev6DW%2FO7WjFZMNl4ATA1Ml%2BB3M4PdQS5RlaWSYVrWaWWp6C6BSm6Phsbmc9DA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 715dc1e14e7b83af-MXP
cf-bgj: minify

GET
H2 200 58f9d12a49bbaa00120f493d.js Show response
buttons-config.sharethis.com/js/ 472 B
899 B 172ms
45ms Script
text/javascript 2600:9000:2156:9200:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/58f9d12a49bbaa00120f493d.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:9200:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fa3b6b444ffbf3dadd31b66c2ec3f593db35c65ff29f08692cf7f4776d20af1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 04 Jun 2022 03:59:42 GMT
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
last-modified: Wed, 10 Mar 2021 21:07:20 GMT
server: AmazonS3
age: 9
etag: "95d19d51e4043570fd43b09d21f0be43"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=60
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 472
x-amz-cf-id: wlmD8mtO8eMJGguYdqD9pUtkfuHinwPn9w4yWACO0zYBAtG2pr4YMg==

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
393 B 177ms
41ms XHR
text/plain 52.29.129.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&hostname=sud.ua&location=%2F&product=inline-share-buttons&url=https%3A%2F%2Fsud.ua%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=%D0%A1%D1%83%D0%B4%D0%B5%D0%B1%D0%BD%D0%BE-%D1%8E%D1%80%D0%B8%D0%B4%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0&cms=unknown&publisher=58f9d12a49bbaa00120f493d&sop=true&version=st_sop.js&lang=en

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.129.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-129-101.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 04 Jun 2022 03:59:42 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Allow-Origin: https://sud.ua
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 209ms
54ms Script
text/javascript 2a00:1450:4014:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80f::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6839
date: Sat, 04 Jun 2022 02:05:43 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Sat, 04 Jun 2022 04:05:43 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 127ms
40ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26310
x-xss-protection: 0
pragma: public
x-fb-debug: +loLUVsPzlm8jWxWFE3tlNNF9Q3K6IKHpgFWPqiyJWIhsVGUP/bPcMdyliKx3bajK8ZMUSGgKpvx8mXSHoq6oA==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Sat, 04 Jun 2022 03:59:42 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/ru_RU/ 3 KB
2 KB 134ms
47ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2dcb54cacefdb84893556f05c085894a52bfeb482a9f0e561d8b201ec8e3101f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: lw7UiReY2rB+hTPWZ0OMGQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Sat, 04 Jun 2022 04:02:53 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: MEcJ0hNkM+kLCsq/PZQdmQZouYUsqdbe+R/M5Tm9jlx3Urworuv7Uheflo9U+qyJsre3zmDqBnd5mN68dsVPXg==
x-fb-trip-id: 917726464
x-fb-content-md5: ccf7f8f73fc42226aa59a7e1b5749768
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 04 Jun 2022 03:59:42 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "a6a8e206f98435d30a76b8a6d614ef8c"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 2673156668a0b9ea3bc1a28084a5556bf8493308.jpg
sud.ua/uploads/issue/2021/03/08/ 26 KB
27 KB 636ms
631ms Image
image/jpeg 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/uploads/issue/2021/03/08/2673156668a0b9ea3bc1a28084a5556bf8493308.jpg
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8e2a00c397f02038b70223a315c58409cd4b29b577c7b67b076c4ddffc1e932

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 05 Mar 2021 20:40:15 GMT
server: cloudflare
etag: "6042972f-68f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jHTMzTVimIQB7V5%2FMg0nbKGINEFN%2BKp4zsiXnSqSXE7RNBn3VjuiR3%2F88T5ISrGIDRv4LRyUClSSPsbpdQ580QJhauYfYNkHD0a5GzX1qwqNt644m%2FByoNz4%2BWRvgntrWoUBmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 715dc1e2a82e83af-MXP
content-length: 26864

GET
H2 200 issue_line.png
sud.ua/images/ 2 KB
2 KB 709ms
705ms Image
image/png 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/images/issue_line.png
Requested by: Host: sud.ua
URL: https://sud.ua/css/sud.css?v=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd29d93688f3cfb2f685ca050428cf6ab7cd7d4a7d723a3f39c78f1584419ffd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/css/sud.css?v=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:43 GMT
cf-cache-status: MISS
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: cloudflare
etag: "5ba0ee53-6b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ry9aXAIyNewsoTd4djDCLDTrP6hW6qpeyT27nzpAQLqedpuWDT5M5GnBS5kYKB8C0aGrfOr98TyQ5IZkQh9IiTTIDw1DaYqFqPaozYcm6BOYOVDGYpfsHP%2BFwpE%2BCRpWewT%2BoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 715dc1e2a83083af-MXP
content-length: 1714

GET
H2 200 src_ico.png
sud.ua/images/ 1 KB
1 KB 137ms
133ms Image
image/png 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/images/src_ico.png
Requested by: Host: sud.ua
URL: https://sud.ua/css/sud.css?v=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4c9141010cf4cc43881f45220d5a17e89938fc24d9dd8a3a8b98b36ccd33d30

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/css/sud.css?v=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: HIT
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: cloudflare
age: 5557
etag: "5ba0ee53-4bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2FcXP94aj06xfyXIWQWe8sfH9kaRQnY2Z7UARBEkmOMGRANTEs2mjX4FIJ9dx4rjPk1eLzesHrXmbO%2FSlID6YfuAkUb93igO6OqaCk7G5La8lY%2F7BMrp3ukYR0lzws9V7BsxSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 715dc1e2a83183af-MXP
content-length: 1212

GET
H2 200 s_ico.png
sud.ua/images/ 5 KB
5 KB 137ms
132ms Image
image/png 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/images/s_ico.png
Requested by: Host: sud.ua
URL: https://sud.ua/css/sud.css?v=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be6e94ecf29b4cab11120ced07a975654c6a85678b7646f6e92e1c4673206551

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/css/sud.css?v=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: HIT
last-modified: Wed, 10 Mar 2021 21:39:21 GMT
server: cloudflare
age: 5557
etag: "60493c89-120d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mgtxSJ71oR8K4aZQamB0KQyv78YI3DmPik8KtSR0obG8A1eT%2BFx8B0ZwDBeKhiMamJoO4NAx6GpVaTGL6Ky2971ycMm7tl0z3vyuzPpAabdtGmhotStyudc1xa8%2FLgUO1ntfpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 715dc1e2a83383af-MXP
content-length: 4621

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 194ms
99ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i|Roboto:100,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sud.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 20:29:43 GMT
x-content-type-options: nosniff
age: 372599
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 May 2023 20:29:43 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
9 KB 228ms
133ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i|Roboto:100,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sud.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 21:51:35 GMT
x-content-type-options: nosniff
age: 367687
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 May 2023 21:51:35 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 136ms
41ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i|Roboto:100,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sud.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 11:07:47 GMT
x-content-type-options: nosniff
age: 406315
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 May 2023 11:07:47 GMT

GET
H2 200 ga6Law1J5X9T9RW6j9bNdOwzfROecf1I.woff2
fonts.gstatic.com/s/notoserif/v21/ 18 KB
18 KB 177ms
84ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v21/ga6Law1J5X9T9RW6j9bNdOwzfROecf1I.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i|Roboto:100,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17d46ead9f910fcfde400da676a140b14241a2f67c6f2c0557cb2139cb10ebb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sud.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 13:40:31 GMT
x-content-type-options: nosniff
age: 397151
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18328
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:10:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 May 2023 13:40:31 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 143ms
53ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i|Roboto:100,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sud.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:43:04 GMT
x-content-type-options: nosniff
age: 400598
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 May 2023 12:43:04 GMT

GET
H2 200 ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2
fonts.gstatic.com/s/notoserif/v21/ 27 KB
27 KB 205ms
119ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v21/ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i|Roboto:100,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0a9ce1553fa74dad4d8cf55b7df7d012a3acdec01cd39d682fce0e5b52e99f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sud.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 19:24:26 GMT
x-content-type-options: nosniff
age: 376516
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27456
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:10:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 May 2023 19:24:26 GMT

GET
H2 200 playlist Show response
www.youtube.com/embed/ Frame D9BA 227 KB
44 KB 358ms
253ms Document
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7a7502d2dfd9fcfe0ac4713aabd192b677c3749b396abdb42dea0ff1ff214d1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sud.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Sat, 04 Jun 2022 03:59:42 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 arrow.gif
sud.ua/images/ 2 KB
2 KB 547ms
547ms Image
image/gif 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/images/arrow.gif
Requested by: Host: sud.ua
URL: https://sud.ua/css/sud.css?v=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da4b5b07477784514c5b7669c83e1d2ebaec4dff8fa63d4bbf2f56973179b207

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/css/sud.css?v=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 13 Aug 2019 09:54:15 GMT
server: cloudflare
etag: "5d5288c7-640"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vrml%2F7s4oLRK7dpFTzBM34x6u7wIeiL9Wuyv8r%2BCFCrm5XSVf6rlUdZCtAGz5onIUyCGsGiIexizyB8kmU9BeRzkgZJdrwy36zYDRt5gj5TJNjNTEZ%2FEx22AqKMMo13kDn2zPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 715dc1e2a83483af-MXP
content-length: 1600

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//sud.ua/;0.9094422161927818
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//sud.ua/;0.9094422161927818

43 B
528 B

74ms
73ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//sud.ua/;0.9094422161927818

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 04 Jun 2022 03:59:42 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 03 Jun 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 04 Jun 2022 03:59:42 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//sud.ua/;0.9094422161927818
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Thu, 03 Jun 2021 21:00:00 GMT

GET
H2 200 playlist Show response
www.youtube.com/embed/ Frame 052A 227 KB
45 KB 292ms
196ms Document
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8317c63e716a6e6c70709fb9fe7d946fe903eb14a3e92998229cd394466a4895

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sud.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Sat, 04 Jun 2022 03:59:42 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 newspapper.png
sud.ua/images/ 37 KB
38 KB 115ms
115ms Image
image/png 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/images/newspapper.png
Requested by: Host: sud.ua
URL: https://sud.ua/css/sud.css?v=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 080caf1867eb9590d5bc98c4ba64aa0d62ef95efe5bbccc83e52114c18f101ed

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/css/sud.css?v=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: HIT
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: cloudflare
age: 5556
etag: "5ba0ee53-952c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=55tjdIYGclx2fOgVJuM8J8%2FD9rz%2FB%2FPuGFBtvTty%2B4UaCIDr2qPuowniy0GbVZnUQ7JpSjOH5lT3su74HstRDDEtm6t7S%2FgRSHVT61lIu0dog48NOuBnItcsfhVvTObk1s7EMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 715dc1e2a83583af-MXP
content-length: 38188

GET
H2 200 social.png
sud.ua/images/ 7 KB
7 KB 117ms
117ms Image
image/png 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/images/social.png
Requested by: Host: sud.ua
URL: https://sud.ua/css/sud.css?v=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01650f811314c520a71b059d7d6bd0e2382029d1c6a6f82524400d3563bad922

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/css/sud.css?v=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: HIT
last-modified: Mon, 20 Jan 2020 12:55:50 GMT
server: cloudflare
age: 5556
etag: "5e25a356-1bd2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B8uByaXQT39iy3K3IpBtHgxi16oCIScjc2Z3ldfKE5EF9QgKn40HeFTFeqcMcUFKTZXERl6SQ3MyLJHYyoXEnTqME49if6eehrZAOeR6MEAcK3CLKraojR70gxTzxY9%2BOXyHgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 715dc1e2a83683af-MXP
content-length: 7122

GET
H2 200 ga6Iaw1J5X9T9RW6j9bNfFMWaCi_.woff2
fonts.gstatic.com/s/notoserif/v21/ 16 KB
16 KB 177ms
107ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v21/ga6Iaw1J5X9T9RW6j9bNfFMWaCi_.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i|Roboto:100,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

749532b47faa826b6001b06da2e4085a3118525b9c9164fd0aa10e9944b9967a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sud.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 30 May 2022 19:07:30 GMT
x-content-type-options: nosniff
age: 377532
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:36:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 May 2023 19:07:30 GMT

GET
H2 200 jsunit Show response
a4p.adpartner.pro/ 12 KB
3 KB 173ms
56ms Script
application/javascript 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/jsunit?id=3106&ref=&0.9248079962664459
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 5ce7674f781f940e5bdcee7ceea71dc02578b9dcc51035007c56952fc3020cee

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cache-control: no-store no-transform
server: nginx
content-encoding: br
content-type: application/javascript; charset=utf-8

GET
H2 200 / Show response
m.mixadvert.com/show/ 4 KB
4 KB 152ms
40ms Script
application/javascript 147.135.189.55
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://m.mixadvert.com/show/?id=5251&r=0.784614062310472

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.135.189.55 , France, ASN16276 (OVH, FR),

Reverse DNS

m.mixadvert.com

Software

nginx/1.12.0 / PHP/5.4.16

Resource Hash

b4443b205aef184d3827d368026f2950cd29b017d4df7ac93fbb5d15668478ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=15768000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
server: nginx/1.12.0
x-powered-by: PHP/5.4.16
strict-transport-security: max-age=15768000, max-age=15768000
content-type: application/javascript; charset=utf-8

GET
H2 200 main.js Show response
go.rcvlink.com/static/ Frame D111 6 KB
3 KB 186ms
44ms Script
application/javascript 136.243.84.74
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.rcvlink.com/static/main.js
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.74.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: e8dcdf5dff373850306ae1bb9c886dbeb76540e57163f2124a52408fad73ec2f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
content-encoding: gzip
last-modified: Fri, 11 Mar 2022 21:45:12 GMT
server: nginx
etag: W/"622bc2e8-18d0"
content-type: application/javascript
cache-control: max-age=86400
expires: Sun, 05 Jun 2022 03:59:42 GMT

GET
H2

200

03.png
i.bigmir.net/cnt/
Redirect Chain

https://c.bigmir.net/?v16953431&s16954880&t3&c1&n199687&w0&y0&d24&r1600
https://i.bigmir.net/cnt/03.png

723 B
897 B

245ms
67ms

Image
image/png

193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/03.png
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: d0b3404fceb6bbd79a99ea6d8241b1b29ac1ffb3c7d97bfc1b873b49c0ad6a09

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:43 GMT
last-modified: Sun, 02 Oct 2005 23:04:59 GMT
server: nginx
etag: "4340679b-2d3"
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
content-length: 723
expires: Tue, 07 Jun 2022 03:59:43 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 04 Jun 2022 03:59:42 GMT
Server: nginx
Transfer-Encoding: chunked
Location: //i.bigmir.net/cnt/03.png
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H2 200 top.png
sud.ua/images/ 1 KB
2 KB 89ms
89ms Image
image/png 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/images/top.png
Requested by: Host: sud.ua
URL: https://sud.ua/css/sud.css?v=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d39876159a565d9c3c7a6abd4c4ac30182045b2c9ed5013aecded4fd9802c86f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/css/sud.css?v=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: HIT
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: cloudflare
age: 5555
etag: "5ba0ee53-4ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wE76NReufu%2BqXlaZbDQ1XEf1yrVF%2Fhn1I9p6685LoJBkMV40HnNyKUTxo%2BqOz0Gz4mh%2F%2FQbT4OXtQ4vFFr2iWQMRxWi2NlA8JEh%2B2KZ%2F9IpCAaMTfOlKUovHwp%2F4oSkLqN%2BZaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 715dc1e2a83883af-MXP
content-length: 1258

GET
H2 200 nav.png
sud.ua/images/ 2 KB
2 KB 72ms
71ms Image
image/png 2606:4700:20::681a:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sud.ua/images/nav.png
Requested by: Host: sud.ua
URL: https://sud.ua/js/flexslider/flexslider.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0ab997391abab3e273f905250bdc273cee6566988361ade951087cad01eab03

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/js/flexslider/flexslider.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
cf-cache-status: HIT
last-modified: Tue, 18 Sep 2018 12:23:47 GMT
server: cloudflare
age: 5554
etag: "5ba0ee53-6e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DpJ%2BSpvG6pRkjUvNNaXk012Pm0V7b0ijdBX7ud95tGfWfRx7vPB8T19Al11vD3l2mRFEDJiDwB%2F1jBZJEOW3iH5yNAQpfNBDA6LBq2z1eGKI7tVtGI3nH5idmQxLlSFdr0vROg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 715dc1e2b83983af-MXP
content-length: 1766

GET
H3 200 sdk.js Show response
connect.facebook.net/ru_RU/ 295 KB
84 KB 83ms
40ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js?hash=91b2353f516eb42b893a0060132e1442

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

140c05aa3ad5adcbe565c7629b2eb02e5bf6f3e8966b2a9f4a90261bcccc8459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://sud.ua/
Origin: https://sud.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: xtJ6Bj0USsgVKke4SaOAeA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85949
x-fb-rlafr: 0
x-fb-debug: 16srA9dL/6X6cmxE/9swtpbhdqdIZEG7lRWuihCihlgBsMDakl9tR74/fcUQNvbCJVALotpPLARrfYMkACn6xQ==
x-fb-content-md5: 8c3b7eebefaaa985f5bc0655aa028ca5
x-frame-options: DENY
date: Sat, 04 Jun 2022 03:59:42 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "ebf2d35ad82913a4b3f855016e0cbf19"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 03 Jun 2023 20:39:58 GMT

GET
H2 200 2149114148710027 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 42ms
41ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2149114148710027?v=2.9.61&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c8d67dbe71470846801afc790b05a4e7bef6cd88e221f6edb35bc59292db841d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 88784
x-xss-protection: 0
pragma: public
x-fb-debug: n7PJeNx6otR099zQec8BIgdOKERJ05N2BH1AHHSPKEHMgtAQXaQGw6I9KiUSZVSr82zshTfQdizyr74N2jbgcw==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 04 Jun 2022 03:59:42 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 tt
a4p.adpartner.pro/ Frame 4F8A 0
0 800ms
800ms Document
text/plain 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tt?time=0&apuid=0be443d6-9223-42a1-86d5-041288017f6d&session_pageview=1&session_id=71ba12b6-e658-474e-9ee1-b2127c50666a&site_visited=1&location=https%3A%2F%2Fsud.ua%2F&referer=
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit?id=3106&ref=&0.9248079962664459
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash

Request headers

Referer: https://sud.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store no-transform
date: Sat, 04 Jun 2022 03:59:43 GMT
server: nginx

GET
H2 200 ls Show response
a4p.adpartner.pro/jsunit/ Frame 2E6B 5 KB
2 KB 57ms
57ms Document
text/html 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/jsunit/ls?jsunit=3106&unit_id=6480&shown=&session_pageview=1&session_id=71ba12b6-e658-474e-9ee1-b2127c50666a&site_visited=1&apuid=0be443d6-9223-42a1-86d5-041288017f6d&width=300&screen_width=1600&reload_count=0&banner_num=1654315182602179792&is_in_viewport=0&ref=&location=https%3A%2F%2Fsud.ua%2F
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit?id=3106&ref=&0.9248079962664459
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: ceab074396cdd1d1db1eb32b8b0addbf8c9200d8438510d3ceaf37d27f9ecbab

Request headers

Referer: https://sud.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store no-transform
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 04 Jun 2022 03:59:42 GMT
server: nginx

GET
H3 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
54 B 180ms
68ms Image
image/gif 2a00:1450:4014:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=403442113&utmhn=sud.ua&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%A1%D1%83%D0%B4%D0%B5%D0%B1%D0%BD%D0%BE-%D1%8E%D1%80%D0%B8%D0%B4%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0&utmhid=1528959078&utmr=-&utmp=%2F&utmht=1654315182733&utmac=UA-30552542-1&utmcc=__utma%3D223010201.715736791.1654315183.1654315183.1654315183.1%3B%2B__utmz%3D223010201.1654315183.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=597370814&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
407 B 125ms
40ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2149114148710027&ev=PageView&dl=https%3A%2F%2Fsud.ua%2F&rl=&if=false&ts=1654315182745&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=30&fbp=fb.1.1654315182744.723974040&it=1654315182561&coo=false&exp=p1&rqm=GET

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Sat, 04 Jun 2022 03:59:42 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205310101/ 323 KB
115 KB 151ms
67ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2535113839332652&plah=sud.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dab0b7546e28270f0eeb217057d9299a976091219cb9945272dbdd4f4d0f0c75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117455
x-xss-protection: 0
server: cafe
etag: 2411766330683492896
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 04 Jun 2022 03:59:42 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220601/r20190131/ Frame BD83 10 KB
5 KB 138ms
41ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220601/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sud.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 30202
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4402
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Jun 2022 19:36:20 GMT
etag: 1327746537699501093
expires: Fri, 17 Jun 2022 19:36:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 www-player.css
www.youtube.com/s/player/02208bb4/ Frame 052A 338 KB
46 KB 141ms
57ms Stylesheet
text/css 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/02208bb4/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

623aab405058e30a77d9161bd1a4e1ba46549e2b7937db37205dbdb772852662

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 02:00:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7155
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47515
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 00:19:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 04 Jun 2023 02:00:27 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/02208bb4/www-embed-player.vflset/ Frame 052A 302 KB
93 KB 206ms
124ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/02208bb4/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b668e843499461acaf97c3e2b7c4a55940f37e6b083168928b538f9736213f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:00:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3553
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95691
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 00:19:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 04 Jun 2023 03:00:29 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/02208bb4/player_ias.vflset/en_GB/ Frame 052A 2 MB
530 KB 218ms
135ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/02208bb4/player_ias.vflset/en_GB/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce99da4a960101c6715faad489e41c318de6e71110c0bd7a5c66a77c93436ec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 16:12:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 215249
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 542887
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 00:19:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 01 Jun 2023 16:12:13 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/02208bb4/fetch-polyfill.vflset/ Frame 052A 9 KB
3 KB 204ms
122ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/02208bb4/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 02:17:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6140
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 00:19:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 04 Jun 2023 02:17:22 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/02208bb4/ Frame D9BA 338 KB
46 KB 115ms
41ms Stylesheet
text/css 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/02208bb4/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

623aab405058e30a77d9161bd1a4e1ba46549e2b7937db37205dbdb772852662

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 02:00:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7155
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47515
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 00:19:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 04 Jun 2023 02:00:27 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/02208bb4/www-embed-player.vflset/ Frame D9BA 302 KB
93 KB 203ms
129ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/02208bb4/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b668e843499461acaf97c3e2b7c4a55940f37e6b083168928b538f9736213f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:00:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3553
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95691
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 00:19:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 04 Jun 2023 03:00:29 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/02208bb4/player_ias.vflset/en_GB/ Frame D9BA 2 MB
530 KB 214ms
140ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/02208bb4/player_ias.vflset/en_GB/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce99da4a960101c6715faad489e41c318de6e71110c0bd7a5c66a77c93436ec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 16:12:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 215249
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 542887
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 00:19:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 01 Jun 2023 16:12:13 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/02208bb4/fetch-polyfill.vflset/ Frame D9BA 9 KB
3 KB 197ms
123ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/02208bb4/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 02:17:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6140
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 00:19:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 04 Jun 2023 02:17:22 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 052A 15 KB
15 KB 123ms
40ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 31 May 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 319297
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 31 May 2023 11:18:05 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 2E6B 49 KB
20 KB 129ms
40ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit/ls?jsunit=3106&unit_id=6480&shown=&session_pageview=1&session_id=71ba12b6-e658-474e-9ee1-b2127c50666a&site_visited=1&apuid=0be443d6-9223-42a1-86d5-041288017f6d&width=300&screen_width=1600&reload_count=0&banner_num=1654315182602179792&is_in_viewport=0&ref=&location=https%3A%2F%2Fsud.ua%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a4p.adpartner.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6034
date: Sat, 04 Jun 2022 02:19:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 04 Jun 2022 04:19:08 GMT

POST
H2 200 jsunit Show response
a4p.adpartner.pro/ Frame 2E6B 26 KB
6 KB 186ms
185ms XHR
application/javascript 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/jsunit?banner_num=1654315182602179792&id=3106&is_in_viewport=0&ref=&reload_count=0&session_id=71ba12b6-e658-474e-9ee1-b2127c50666a&session_pageview=1&shown=&site_visited=1&unit_id=6480
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit/ls?jsunit=3106&unit_id=6480&shown=&session_pageview=1&session_id=71ba12b6-e658-474e-9ee1-b2127c50666a&site_visited=1&apuid=0be443d6-9223-42a1-86d5-041288017f6d&width=300&screen_width=1600&reload_count=0&banner_num=1654315182602179792&is_in_viewport=0&ref=&location=https%3A%2F%2Fsud.ua%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: aa78bf5b5a5b930c9fa82e8242282ede94db16d34af4ab7c30b83255431f896a

Request headers

Referer: https://a4p.adpartner.pro/jsunit/ls?jsunit=3106&unit_id=6480&shown=&session_pageview=1&session_id=71ba12b6-e658-474e-9ee1-b2127c50666a&site_visited=1&apuid=0be443d6-9223-42a1-86d5-041288017f6d&width=300&screen_width=1600&reload_count=0&banner_num=1654315182602179792&is_in_viewport=0&ref=&location=https%3A%2F%2Fsud.ua%2F
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: text/plain

Response headers

access-control-allow-origin: https://a4p.adpartner.pro
date: Sat, 04 Jun 2022 03:59:42 GMT
cache-control: no-store no-transform
access-control-allow-credentials: true
server: nginx
content-encoding: br
content-type: application/javascript; charset=utf-8

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D9BA 15 KB
15 KB 121ms
42ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 31 May 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 319297
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 31 May 2023 11:18:05 GMT

GET
H2 200 1 Show response
go.rcvlink.com/cs/1/ Frame D111 34 B
237 B 46ms
46ms Script
text/javascript 136.243.84.74
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.rcvlink.com/cs/1/1
Requested by: Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/main.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.74.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: baf195a8db6925893ed5e8606c8873a511d47438736d4812fc13bd2a4a43e2a5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
content-encoding: gzip
server: nginx
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
hn: b18
cache-control: private, max-age=315360000
expires: Tue, 01 Jun 2032 06:59:42 +0300

GET
H2 200 iframe.htm Show response
go.rcvlink.com/static/ Frame 3D6D 17 KB
7 KB 45ms
44ms Document
text/html 136.243.84.74
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.rcvlink.com/static/iframe.htm
Requested by: Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/main.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.74.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: e3b5d759ff9d75be634664fc1ae80f63318195ad6e7e40c0df9fd9e3e0ba43be

Request headers

Referer: https://sud.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: max-age=86400
content-encoding: gzip
content-type: text/html
date: Sat, 04 Jun 2022 03:59:42 GMT
etag: W/"623db510-4430"
expires: Sun, 05 Jun 2022 03:59:42 GMT
last-modified: Fri, 25 Mar 2022 12:26:56 GMT
server: nginx

GET
H2 200 / Show response
go.rcvlink.com/bdto/RXTtRlV3fD/ Frame 3D6D 5 KB
2 KB 57ms
57ms XHR
application/json 136.243.84.74
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.rcvlink.com/bdto/RXTtRlV3fD/?cache=tp3a7tTcvWn63B4&ver=220325-1426&w=300&h=0&vw=1600&ms=490.0&ref=https%3A%2F%2Fsud.ua%2F
Requested by: Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/iframe.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.74.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 79888a3c3e96167139724c8c96751d34c4b8dc825609f108b977e0c5023eaea3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://go.rcvlink.com/static/iframe.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:42 GMT
content-encoding: gzip
last-modified: Sat, 04 Jun 2022 03:59:42 GMT
server: nginx
p3p: CP="CAO DSP COR LAW CURa ADMa DEVa PSAa PSDa OUR DELa BUS IND PHY ONL UNI PUR COM NAV INT STA",policyref="/w3c/p3p.xml"
access-control-allow-origin: *
hn: b11
cache-control: no-cache, no-store, no-transform, must-revalidate
content-type: application/json
expires: Sat, 04 Jun 2022 06:59:42 +0300

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 210 B
642 B 156ms
50ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=sud.ua&callback=_gfp_s_&client=ca-pub-2535113839332652

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2535113839332652&plah=sud.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

0c8138d9caca69b7cd77c136c196f8082dc9a912124c28610ead3d4bd5b0e788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 168ms
49ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=sud.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Jun 2022 03:59:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 154ms
48ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sud.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Jun 2022 03:59:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8E8A 286 KB
66 KB 556ms
469ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&adk=1812271804&adf=3025194257&lmt=1654315183&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsud.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315182764&bpp=3&bdt=581&idt=252&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=262224705843&frm=20&pv=2&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=275

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ec652147f3eaf6cbcc0c62ae2c1ff8b98444a87659861f7a31514cd03e77367

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sud.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 68039
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Jun 2022 03:59:43 GMT
expires: Sat, 04 Jun 2022 03:59:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 0fa2b5f2cffde375fbb6f6882463a4ec
st11.rcvlink.com/2/304/ Frame 3D6D 15 KB
16 KB 53ms
44ms Image
image/webp 136.243.84.74
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st11.rcvlink.com/2/304/0fa2b5f2cffde375fbb6f6882463a4ec
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.74.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: fbace05547f06021dd7e2d6e78179fd769e024caeeda44221790bce08887ca45

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://go.rcvlink.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:43 GMT
last-modified: Fri, 03 Jun 2022 10:19:54 GMT
server: nginx
etag: "6299e04a-1c62a"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 15812
expires: Fri, 02 Sep 2022 03:59:43 GMT

GET
H2 200 4fa0a4b4b34a13abefc36d1dc8305ceb
st11.rcvlink.com/2/304/ Frame 3D6D 16 KB
16 KB 98ms
89ms Image
image/webp 136.243.84.74
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st11.rcvlink.com/2/304/4fa0a4b4b34a13abefc36d1dc8305ceb
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.74.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 66af5d85560f25b8857229580d11c023509c32793df28162eca34790f007ea48

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://go.rcvlink.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:43 GMT
last-modified: Fri, 03 Jun 2022 09:50:28 GMT
server: nginx
etag: "6299d964-1bf89"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 16508
expires: Fri, 02 Sep 2022 03:59:43 GMT

GET
H2 200 08070035d642d67dea16ba8d3a33e88c
st11.rcvlink.com/2/304/ Frame 3D6D 17 KB
17 KB 96ms
88ms Image
image/webp 136.243.84.74
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st11.rcvlink.com/2/304/08070035d642d67dea16ba8d3a33e88c
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.74.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 4d7e6ed7651286299edafa2eb930e2f6c6c8d64507dd7e04eac880c866ce953c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://go.rcvlink.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:43 GMT
last-modified: Fri, 17 Dec 2021 13:33:27 GMT
server: nginx
etag: "61bc91a7-10966"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 17222
expires: Fri, 02 Sep 2022 03:59:43 GMT

GET
H2 200 logo160.png
go.rcvlink.com/img/ Frame 3D6D 6 KB
6 KB 120ms
120ms Image
image/png 136.243.84.74
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.rcvlink.com/img/logo160.png
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.74.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: a4b9e9ead2fa2e2326506b52b3f253b19ab9aa2bfe0b2c276dfbecfb4baf12cc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://go.rcvlink.com/static/iframe.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:43 GMT
last-modified: Mon, 21 Jan 2019 15:07:51 GMT
server: nginx
etag: "5c45e047-1869"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 6249
expires: Sat, 11 Jun 2022 03:59:43 GMT

GET
H3 200 css
fonts.googleapis.com/ 2 KB
539 B 134ms
51ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 04 Jun 2022 03:09:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 04 Jun 2022 03:59:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 04 Jun 2022 03:59:43 GMT

GET
H/1.1 200
OK 1px-matching-adpartner.gif
t.trafmag.com/images/ 35 B
351 B 202ms
66ms Image
image/gif 193.200.65.5
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.trafmag.com/images/1px-matching-adpartner.gif?id=0be443d6-9223-42a1-86d5-041288017f6d
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: t.trafmag.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 04 Jun 2022 03:59:43 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

GET
H2 200 uid=0be443d6-9223-42a1-86d5-041288017f6d
s.uuidksinc.net/match/798/ 74 B
242 B 120ms
35ms Image
image/png 31.220.27.155
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.uuidksinc.net/match/798/uid=0be443d6-9223-42a1-86d5-041288017f6d
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.155 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:43 GMT
server: nginx/1.19.0
content-length: 74
content-type: image/png

GET
H2

200

match
a4p.adpartner.pro/ssp/
Redirect Chain

https://go.rcvlink.com/mtch/31/0be443d6-9223-42a1-86d5-041288017f6d
https://a4p.adpartner.pro/ssp/match?dsp_id=13&user_id=70050046177

43 B
440 B

56ms
55ms

Image
image/gif

51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a4p.adpartner.pro/ssp/match?dsp_id=13&user_id=70050046177
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:43 GMT
last-modified: Sat, 04 Jun 2022 03:59:43 GMT
server: nginx
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location: https://a4p.adpartner.pro/ssp/match?dsp_id=13&user_id=70050046177
hn: b20
date: Sat, 04 Jun 2022 03:59:43 GMT
server: nginx
content-type: text/html; charset=UTF-8

GET
H2 200 pix
dsp-trk.eskimi.com/ 43 B
256 B 109ms
37ms Image
image/gif 34.120.139.69
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp-trk.eskimi.com/pix?e=24&exuid=0be443d6-9223-42a1-86d5-041288017f6d
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.139.69 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 69.139.120.34.bc.googleusercontent.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:42 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2

200

match
a4p.adpartner.pro/ssp/
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D&crf=1
https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=a21fd4c5-e276-529b-b783-3198d519e937

43 B
458 B

56ms
56ms

Image
image/gif

51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=a21fd4c5-e276-529b-b783-3198d519e937
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:43 GMT
last-modified: Sat, 04 Jun 2022 03:59:43 GMT
server: nginx
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location: https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=a21fd4c5-e276-529b-b783-3198d519e937
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
a4p.adpartner.pro/ssp/
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D&crf=1
https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=a21fd4c5-e276-529b-b783-3198d519e937

43 B
458 B

56ms
55ms

Image
image/gif

51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=a21fd4c5-e276-529b-b783-3198d519e937
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:43 GMT
last-modified: Sat, 04 Jun 2022 03:59:43 GMT
server: nginx
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location: https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=a21fd4c5-e276-529b-b783-3198d519e937
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
a4p.adpartner.pro/ssp/
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D63%26user_id%3D%24%7BUUID%7D
https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=d3f7d5a4-3a33-4cd6-7251-e77ce96ced38

43 B
458 B

55ms
55ms

Image
image/gif

51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=d3f7d5a4-3a33-4cd6-7251-e77ce96ced38
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:43 GMT
last-modified: Sat, 04 Jun 2022 03:59:43 GMT
server: nginx
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location: https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=d3f7d5a4-3a33-4cd6-7251-e77ce96ced38
date: Sat, 04 Jun 2022 03:59:43 GMT
server: nginx
content-length: 129
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

match
a4p.adpartner.pro/ssp/
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D64%26user_id%3D%24%7BUUID%7D
https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=8ea9d856-206c-4a67-5a0f-6f35c1da7748

43 B
458 B

56ms
55ms

Image
image/gif

51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=8ea9d856-206c-4a67-5a0f-6f35c1da7748
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:43 GMT
last-modified: Sat, 04 Jun 2022 03:59:43 GMT
server: nginx
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location: https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=8ea9d856-206c-4a67-5a0f-6f35c1da7748
date: Sat, 04 Jun 2022 03:59:43 GMT
server: nginx
content-length: 129
serverid: TODO
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

adxcm.aspx
inv-nets.admixer.net/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122&id={user_id}
https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122

43 B
463 B

132ms
41ms

Image
image/gif

146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

HTTP/1.1

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 04 Jun 2022 03:59:43 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

location: https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122
date: Sat, 04 Jun 2022 03:59:43 GMT
cache-control: no-store no-transform
server: nginx
content-length: 146
content-type: text/html; charset=utf-8

GET
H2 200 if Show response
a4p.adpartner.pro/tracker/ Frame CD93 0
139 B 57ms
57ms Document
image/gif 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%220be443d6-9223-42a1-86d5-041288017f6d%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A2713917%2C%22cost%22%3A0.000514456%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2265ccf549-2cff-4c28-8b5a-014c0ef179e2%22%7D%2C%7B%22ad_id%22%3A2713973%2C%22cost%22%3A0.000361478%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22219ad6fa-2f43-420c-aefd-1328cea1d9d0%22%7D%5D%2C%22unit_id%22%3A6480%2C%22region_id%22%3A112%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fsud.ua%252F%22%7D
Requested by: Host: sud.ua
URL: https://sud.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate no-store no-transform
content-length: 0
content-type: image/gif
date: Sat, 04 Jun 2022 03:59:43 GMT
expires: 0
pragma: no-cache
server: nginx

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame D9BA
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

48ms
48ms

XHR
application/json

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Protocol

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c024624425217e0d08abdcf6a66e2a1e1aa42047fb801827414d2e27949c7d3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 04 Jun 2022 03:59:43 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame D9BA 29 B
587 B 145ms
40ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/02208bb4/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:55:21 GMT
x-content-type-options: nosniff
age: 262
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Jun 2022 04:10:21 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 052A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

48ms
48ms

XHR
application/json

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Protocol

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

194c8a567c590274b15d7155ec850aa60b38a6ad9bb6d7bc8d8545c69b313ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 04 Jun 2022 03:59:43 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 052A 29 B
89 B 127ms
41ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/02208bb4/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:55:21 GMT
x-content-type-options: nosniff
age: 262
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Jun 2022 04:10:21 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 166ms
48ms Preflight
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Sat, 04 Jun 2022 03:59:43 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame D9BA 62 KB
29 KB 140ms
56ms XHR
application/json+protobuf 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/02208bb4/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d834a63af151d51b3e0559c5c7d9b455500fbe039e9adc549bc3bcedda34d142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 04 Jun 2022 03:59:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 29514
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/02208bb4/player_ias.vflset/en_GB/ Frame D9BA 119 KB
37 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/02208bb4/player_ias.vflset/en_GB/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/02208bb4/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3101551e868f47a466f0250c2e1476ceef7ab1ad44645902a8cb97d295843c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 16:13:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 215162
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37671
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 00:19:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 01 Jun 2023 16:13:41 GMT

GET
H2 200 B1_cC-tXimK-Vcdfr3NNmLtFRWfcesJykTbTvqPdDOg.js Show response
www.google.com/js/th/ Frame D9BA 35 KB
14 KB 130ms
40ms Script
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/B1_cC-tXimK-Vcdfr3NNmLtFRWfcesJykTbTvqPdDOg.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/02208bb4/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

075fdc0beb578a62be55c75faf734d98bb454567dc7ac2729136d3bea3dd0ce8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 16:28:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41463
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13609
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Jun 2023 16:28:40 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/02208bb4/player_ias.vflset/en_GB/ Frame D9BA 27 KB
8 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/02208bb4/player_ias.vflset/en_GB/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/02208bb4/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f14826c8b90cdcfaafad00b8aadfcfbeb5d28dac0354b8bcbe12450122c6667f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 16:12:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 215249
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8019
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 00:19:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 01 Jun 2023 16:12:14 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 105ms
49ms Preflight
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Sat, 04 Jun 2022 03:59:43 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 052A 63 KB
29 KB 155ms
73ms XHR
application/json+protobuf 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/02208bb4/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8b527cba39f64a670133bff9c39a6c0afe627f11bd21e9d98affba67d7c32911

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 04 Jun 2022 03:59:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 29743
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/02208bb4/player_ias.vflset/en_GB/ Frame 052A 119 KB
37 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/02208bb4/player_ias.vflset/en_GB/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/02208bb4/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3101551e868f47a466f0250c2e1476ceef7ab1ad44645902a8cb97d295843c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 16:13:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 215162
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37671
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 00:19:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 01 Jun 2023 16:13:41 GMT

GET
H2 200 B1_cC-tXimK-Vcdfr3NNmLtFRWfcesJykTbTvqPdDOg.js Show response
www.google.com/js/th/ Frame 052A 35 KB
13 KB 79ms
49ms Script
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/B1_cC-tXimK-Vcdfr3NNmLtFRWfcesJykTbTvqPdDOg.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/02208bb4/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

075fdc0beb578a62be55c75faf734d98bb454567dc7ac2729136d3bea3dd0ce8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 16:28:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41463
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13609
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Jun 2023 16:28:40 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/02208bb4/player_ias.vflset/en_GB/ Frame 052A 27 KB
8 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/02208bb4/player_ias.vflset/en_GB/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/02208bb4/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f14826c8b90cdcfaafad00b8aadfcfbeb5d28dac0354b8bcbe12450122c6667f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 16:12:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 215249
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8019
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 00:19:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 01 Jun 2023 16:12:14 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 9269 0
18 B 83ms
40ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://sud.ua
Referer: https://sud.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://sud.ua
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sat, 04 Jun 2022 03:59:43 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
DATA 200
OK truncated
/ Frame 052A 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLQzFU0Av45QoypQlXkoZ1QHpcgF8qoHxLLw1-hEGw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 052A 2 KB
2 KB 135ms
40ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLQzFU0Av45QoypQlXkoZ1QHpcgF8qoHxLLw1-hEGw=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

77801d7bfd8858b02102e180408301a3ce0570241b852165a32fbbc6d8941841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 02:22:49 GMT
x-content-type-options: nosniff
age: 5814
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1904
x-xss-protection: 0
server: fife
etag: "v803"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 13 Nov 2021 04:44:32 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/pqSRiSxnfpA/ Frame 052A 13 KB
13 KB 184ms
54ms Image
image/webp 2a00:1450:4014:80a::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/pqSRiSxnfpA/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80a::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8c703e93883712e550ff2a58379966d61a67a824b5bd7eea427e76b8f125034

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 02:59:27 GMT
x-content-type-options: nosniff
age: 3616
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12914
x-xss-protection: 0
server: sffe
etag: "1653931345"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 04 Jun 2022 04:59:27 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 052A 10 KB
10 KB 42ms
42ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 31 May 2022 21:51:54 GMT
x-content-type-options: nosniff
age: 281269
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9832
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 31 May 2023 21:51:54 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 052A 4 KB
3 KB 203ms
69ms Script
text/javascript 2a00:1450:4014:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/02208bb4/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 04 Jun 2022 03:59:43 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame D9BA 4 KB
2 KB 215ms
84ms Script
text/javascript 2a00:1450:4014:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/02208bb4/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 04 Jun 2022 03:59:43 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame D9BA 0
9 B 41ms
40ms Image
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?rZSPXQ
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
www.youtube.com/ Frame 052A 0
9 B 40ms
40ms Image
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?groHUw
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/playlist?list=PL5qAqatU9F2BMFhRNnwbu8UbgRWpWQDqO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205310101/ 147 KB
53 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205310101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f6ad48883964ac1659c73ca8f69e9c35f4609801e39ff3e2acac384dd608fb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53787
x-xss-protection: 0
server: cafe
etag: 16073015314729419217
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Jun 2022 03:59:43 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 134ms
49ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=sud.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Jun 2022 03:59:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 133ms
49ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sud.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sud.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Jun 2022 03:59:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2CCF 136 KB
45 KB 487ms
486ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=2088074589&adf=719151369&pi=t.aa~a.2399599924~i.5~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1654315183&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6541290418&psa=0&ad_type=text_image&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rh=350&rw=420&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=2&bdt=1513&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0&nras=2&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3524&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vCyWNacbJv&p=https%3A//sud.ua&dtd=25

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2419b2ea8299729490888be660e1a25712a7c6d1eac39e21801f608713703e50

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2687134823685313298/300x250_EN/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2687134823685313298/300x250_EN/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKjv_6b0kvgCFelqFQgdtLYAUQ&gqi=r9iaYtrQLeSQjuwPzYiH8A8&layout=/sadbundle/%24csp%253Der3%24/2687134823685313298/300x250_EN/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sud.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 45673
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2687134823685313298/300x250_EN/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2687134823685313298/300x250_EN/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKjv_6b0kvgCFelqFQgdtLYAUQ&gqi=r9iaYtrQLeSQjuwPzYiH8A8&layout=/sadbundle/%24csp%253Der3%24/2687134823685313298/300x250_EN/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Jun 2022 03:59:44 GMT
expires: Sat, 04 Jun 2022 03:59:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3ECB 18 KB
10 KB 677ms
677ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=2088074589&adf=726412217&pi=t.aa~a.3883570816~i.5~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1654315183&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6541290418&psa=0&ad_type=text_image&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rh=350&rw=420&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1513&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280&nras=3&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=iFeCT9w7M6&p=https%3A//sud.ua&dtd=32

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2805702e2668e35047ea185318f11b23bc82c7a3270dd37af2e17051629738d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sud.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 10257
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Jun 2022 03:59:44 GMT
expires: Sat, 04 Jun 2022 03:59:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FBBC 18 KB
10 KB 745ms
744ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=2088074589&adf=3254488898&pi=t.aa~a.3206785817~i.5~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1654315183&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6541290418&psa=0&ad_type=text_image&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rh=350&rw=420&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1513&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280%2C420x280&nras=4&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4919&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=CoToyM4jCZ&p=https%3A//sud.ua&dtd=36

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eac6309efab7cca1bac2bc09aaeb3b2563e45da738cfc0c7491212d0a75cc449

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sud.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 10168
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Jun 2022 03:59:44 GMT
expires: Sat, 04 Jun 2022 03:59:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E907 18 KB
10 KB 361ms
360ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=600&adk=3330954535&adf=1549741390&pi=t.aa~a.865547419~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1654315183&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=300x600&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1512&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280%2C420x280%2C420x280&nras=5&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1175&ady=1517&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=g2u2EOjkSP&p=https%3A//sud.ua&dtd=38

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b10f4d596e11cb3022ee3097887fe442475ceb7c5fb1c26b92ec6e6f2837146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sud.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 10100
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Jun 2022 03:59:44 GMT
expires: Sat, 04 Jun 2022 03:59:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 806E 79 KB
32 KB 443ms
442ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=200&adk=1823107844&adf=1324001129&pi=t.aa~a.2388408784~rp.3&w=420&fwrn=4&fwrnh=100&lmt=1654315183&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=420x200&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1512&idt=1&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280%2C420x280%2C420x280%2C300x600&nras=6&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=7RbJndNJtE&p=https%3A//sud.ua&dtd=41

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce1df76446011afe8e1688ab76597e80321783c6f3398ac3c415c2115229dab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sud.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Jun 2022 03:59:44 GMT
expires: Sat, 04 Jun 2022 03:59:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/99/ Frame 052A 53 KB
15 KB 164ms
55ms Script
text/javascript 2a00:1450:4014:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/99/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c31dcc878ab2e52cea5f38b4c3f1d1cfec4dbae070da4e460b336b3705bc423

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 00:19:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13232
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15479
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 16:05:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sun, 05 Jun 2022 00:19:11 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/99/ Frame D9BA 53 KB
15 KB 182ms
74ms Script
text/javascript 2a00:1450:4014:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/99/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c31dcc878ab2e52cea5f38b4c3f1d1cfec4dbae070da4e460b336b3705bc423

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 00:19:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13232
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15479
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 16:05:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sun, 05 Jun 2022 00:19:11 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/ Frame C5F7 10 KB
4 KB 41ms
41ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sud.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 24753
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4402
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Jun 2022 21:07:10 GMT
etag: 1327746537699501093
expires: Fri, 17 Jun 2022 21:07:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/ Frame 704B 10 KB
4 KB 41ms
41ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sud.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 24753
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4402
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Jun 2022 21:07:10 GMT
etag: 1327746537699501093
expires: Fri, 17 Jun 2022 21:07:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame D9BA 98 B
142 B 52ms
51ms XHR
application/json+protobuf 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/02208bb4/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d82bee5ee530be795fdb97e7769fea738286aeb0211846523279ae0a067d8ec9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 04 Jun 2022 03:59:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 118
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 48ms
48ms Preflight
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Sat, 04 Jun 2022 03:59:43 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame C5F7 4 KB
636 B 50ms
49ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 04 Jun 2022 02:54:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 04 Jun 2022 03:59:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 04 Jun 2022 03:59:43 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C5F7 205 B
229 B 67ms
54ms Image
image/png 2a00:1450:4014:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 19:19:24 GMT
x-content-type-options: nosniff
age: 117619
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 02 Jun 2023 19:19:24 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C5F7 604 B
628 B 68ms
54ms Image
image/png 2a00:1450:4014:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 17:27:47 GMT
x-content-type-options: nosniff
age: 37916
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 03 Jun 2023 17:27:47 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/elements/html/ Frame C5F7 19 KB
9 KB 146ms
39ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 01:23:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9399
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8280
x-xss-protection: 0
server: cafe
etag: 1405619832300133377
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Jun 2022 01:23:05 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 052A 98 B
142 B 53ms
52ms XHR
application/json+protobuf 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/02208bb4/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

49a34248f81b285c00fe7e026fa956047c045a7105a58fd14622cedc9760e667

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 04 Jun 2022 03:59:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 118
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 49ms
49ms Preflight
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Sat, 04 Jun 2022 03:59:43 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 704B 0
0 82ms
82ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CKMp_r9iaYtuKCsT03wOvtJ7oCM7T9fZp2IvfgN4NwYTA_PoBEAEggb-0I2C7hoCA0AqgAe_1jtsDyAECqAMByAPJBKoE3wFP0Bn1mWYQGXVdcAwcNELwPrIM1nGRuDEY7mjMV-yP1y_6bePZWyW1jAOSKP5raeuPTQCcixI-YSQFDcMCaDdgsQXvRjHKj-uf4rJ77-1LOs8TEatc2-Y2vAfv8am8yzHMY4UmRU_pkv4VlsH8KsnZHNpb9EAvMLtmLrh4fTRIprVjmqzamTTYiRfjLmC54ya5MTBSznXHJZVbi5zoewuA2hKSS2wIm5twBPT3ASJJQy7rlrpiIVAoeSYi4iML7PmexTKgXF_7qM8BiRWXEoZb7yAJQ2jHRDVp4UnIAF2KwATtoa3ktAKSBQQIBBgBkgUECAUYBKAGAoAHnrabKagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcFEJSmhwTSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItMjUzNTExMzgzOTMzMjY1MhgA&sigh=DxOtjkAITIc&uach_m=[UACH]

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 04 Jun 2022 03:59:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 04 Jun 2022 03:59:43 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/ Frame 704B 21 KB
9 KB 140ms
45ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf893eef4d6a15ebe42f50ee7c32e405a2d82d63735940e613cebd7873f3e82d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:48:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 691
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8691
x-xss-protection: 0
server: cafe
etag: 17811423179848367920
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Jun 2022 03:48:13 GMT

GET
H2 200 11188049964723637996
tpc.googlesyndication.com/daca_images/simgad/ Frame 704B 21 KB
21 KB 187ms
93ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/11188049964723637996

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7b41857cbfa9c8d448dd2cb79c9d253e6df3f36b381bd809eee43a80afe65d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 12:33:51 GMT
x-content-type-options: nosniff
age: 228353
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21162
x-xss-protection: 0
last-modified: Sat, 07 Aug 2021 08:53:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 01 Jun 2023 12:33:51 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame 704B 3 KB
1 KB 203ms
110ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:46:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 776
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Jun 2022 03:46:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 704B 138 KB
43 KB 130ms
115ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43440
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1654082998712738"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 04 Jun 2022 03:59:44 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame 704B 17 KB
7 KB 144ms
51ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:41:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1097
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7351
x-xss-protection: 0
server: cafe
etag: 330450436367057301
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Jun 2022 03:41:27 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame 704B 32 KB
13 KB 205ms
112ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce785d57ef9a42ccbd1c547a34629dcadedbb4ec14c423ace11c2a33c2b45c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 00:23:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12957
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13058
x-xss-protection: 0
server: cafe
etag: 3195647855342160189
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Jun 2022 00:23:47 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 561C 8 KB
893 B 49ms
49ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 04 Jun 2022 02:54:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 04 Jun 2022 03:59:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 04 Jun 2022 03:59:44 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame 561C 2 KB
984 B 133ms
92ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:51:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 483
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Jun 2022 03:51:41 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/ Frame 561C 21 KB
9 KB 115ms
77ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf893eef4d6a15ebe42f50ee7c32e405a2d82d63735940e613cebd7873f3e82d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:48:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 691
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8691
x-xss-protection: 0
server: cafe
etag: 17811423179848367920
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Jun 2022 03:48:13 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame 561C 3 KB
1 KB 128ms
90ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:46:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 776
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Jun 2022 03:46:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 561C 138 KB
43 KB 124ms
123ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43440
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1654082998712738"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 04 Jun 2022 03:59:44 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame 561C 17 KB
7 KB 121ms
84ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:41:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1097
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7351
x-xss-protection: 0
server: cafe
etag: 330450436367057301
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Jun 2022 03:41:27 GMT

GET
H3 200 1a132ce94651f9fd8f1d4e10540034d5.js Show response
www.gstatic.com/mysidia/ Frame 561C 31 KB
13 KB 54ms
53ms Script
text/javascript 2a00:1450:4014:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1a132ce94651f9fd8f1d4e10540034d5.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7de3cdb1a5dffb33bb9662f0fce8d25aa5e49f5d88e3bc2a066f491d5bb3fe7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 12:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 228311
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13011
x-xss-protection: 0
last-modified: Thu, 26 May 2022 00:03:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 30 Aug 2022 12:34:33 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F106 143 B
163 B 42ms
40ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 823
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sat, 04 Jun 2022 03:46:01 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E907 42 B
63 B 74ms
74ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BgDCBocDBpXjf5MBnflir2oGYL8KFLfNnw1x2LLNWbXkjTo7iOtPgC_v0bbxnBaI8n0JpGggbLER3nrdmqUXG4ENF_5MqcIMB-HDWHG9IYNRo8UJc

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=600&adk=3330954535&adf=1549741390&pi=t.aa~a.865547419~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1654315183&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=300x600&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1512&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280%2C420x280%2C420x280&nras=5&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1175&ady=1517&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=g2u2EOjkSP&p=https%3A//sud.ua&dtd=38

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame E907 3 KB
1 KB 130ms
45ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:42:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1009
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Jun 2022 03:42:55 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E907 138 KB
42 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43440
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1654082998712738"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 04 Jun 2022 03:59:44 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame E907 17 KB
7 KB 121ms
40ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:41:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1097
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7351
x-xss-protection: 0
server: cafe
etag: 330450436367057301
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Jun 2022 03:41:27 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E907 0
0 134ms
49ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT2G8kN0WGOhplarjLpRXXicldq4COAdZdr4rNULuTM0DjKtI4j-qo-f7lFBsrMaAYzeWBv9BJ2K3OntxfDw6ey3nIvMw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=600&adk=3330954535&adf=1549741390&pi=t.aa~a.865547419~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1654315183&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=300x600&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1512&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280%2C420x280%2C420x280&nras=5&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1175&ady=1517&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=g2u2EOjkSP&p=https%3A//sud.ua&dtd=38
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 999E 624 B
297 B 54ms
53ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2M4wEQh7-_nwMY8K6myQEwAQ&v=APEucNXz7lJg7HvcGBNVrMeLi5W_e6PhzntBXE6KiGQZ47NUkZ161FLTx7TvLi5izR5-WMYsUZWz-SWEZGTsL2BJjzsUJrQeoEF8FIbvrn18wyyCAdQ8fi7fAaBEZf1HbWAy4PNx66PM_Z5nk7lJvni5-M1DC3bj4rW0lvmipc9sNo_bq2ZWE0c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=600&adk=3330954535&adf=1549741390&pi=t.aa~a.865547419~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1654315183&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=300x600&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1512&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280%2C420x280%2C420x280&nras=5&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1175&ady=1517&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=g2u2EOjkSP&p=https%3A//sud.ua&dtd=38
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Jun 2022 03:59:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E907 86 KB
33 KB 86ms
85ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AtekY8_o_3_YZnmsI-CMu8nV_Njsq1UnYBwIOA6ZrdqxCrRPe0sknDFaYPHyzzXD9cgqhF3hlCNre6w5k3Dwxm5CatyCjRe3ttFOhiz5_FWBwYIRe8R7EfauDa1oDlLll173AkrSWx_FAVKA59VmcSgEU-lA&dbm_d=AKAmf-BFdndVPVMl_i0kvaawxm5Om96S6BJ7GIcsgJqhRgsMCQdvZovRA09IwJYuUAwEnq-P3xpg268BOb1iSjJFvA1Qdl6QbCl1eVc-AJockxhJ5qz4ZMajq2euROSjF-LItzSPIjBKU0A-GM07nJGiwxyRYIbU1rx0xFKxv2Oj_i5kFf-Vhmr9r5rizjDSpfzalvRMqJErrn_NiTKhqgBbZShUIrCvww4Mx1TeBZ0oeM1WsNkLfQgcHAukpUzL74zF_MPy2GW8zedflYfdsYFJyOeDsN6j23-stFP8cXqc2Zu6S0XXJF9mX5QKvbOk7MYKLuNiAcPSkprikiLREDj1AztJ9EpXcoRjPYbX5ZoE3cDh1MAApN1KwFD-yXrvnTJeMNOupFFVGeEJZYMf5_WE9MZ4OCaBA0OLPApZgZ7HAznTnO-C5rhzCkfDM7UyQWeFde2uvs6z9gkjwKPMspccpGZG4vKlfIidrNhN0yT0OdVIiYSpKKpM0sTt9zmFwv-8stcLL8N1bE_dOIcm60cBrSUCSgp2SYKI53hJATQze8h9F1NyY5znhyy7Ag2kf-I0ba3maoXsoB2hPi0lo3YhIY7j86xo2movfjsBj7t8Y2nOtVjeAcHEbvsQlrk7Yl1afNW7Z04-9LALOm3l67vqYjA1DYumiYC_phTIwSrKxM8iT5CYweuHLirGlYNYyVWItgTgUaIcB5zs8yR92x6jSspRNJme_aqrUFL2b-tjVthUZeoBE3nAILF6ep40EfRel8j967gkahZlmlR0zwCtyWJFiLWtzxSaA-UYguCH7FhT_Zw0_tJTSqaE-zOPhOv2LaVM-sd8JPDLQFB1i2oiLSiyCBD3NwkNOPes_Xw2KnxL5QaoelEoufOfi4x4pbH9IXT0Nz87_W0zLpOcXXX1XaeH_l6bG0gw6aq_YnL-1Vs3yc8E3EwHIYubCfK0CedBRDVgLIx00_PimFPp9CTXT8MFAzw1gxDANljBT_mMQMsBsxdPqMn15mKxtzj0wtqxgtCblQ2vzRShWfDBZpAgsA2WltrPe_ZnrjgXpciQAjwOoQ_7G5EBfVvECKIauA2vdLM3FvDLKqCZ73rEgrkopLW7F-d-TRvFYtCsHMpRb98bML4VOb0lFa-8T7igQNGDR_AHjeLJa8nJwM76FiLAikOgM2aUH-PdhPKlPREdcVEGWCBO11xWn_dmRFPqmKC5iqwch2hAq-kJ3GDW0AwwtV-q90bu_V7LAiaGkTNk0EgyeVkn_ScNIv88QS5gHVqXGb_JfvuM5U2jTL5BOFHOJ2P4BsuyZnr1ecqVpt2EN0Hx_sN4FEQo8qxzH6rcQU394bELajrlFD0SPZn0u0djWzHL6HnHzCX260LIGxoA1YJxH1Tv5lD01SittU3K-KOIRIw78y8bY5FmRFJvUydv1IJNmorTvh_sE9fAuy12KS6GFyq2dzxEXXrEGlRFUlc2nK4fk92bJo2AfeiPOR3E2xqi96g9Wp5g2f08iiH40GncwDqsUHEIJ37fqHQ_HvpNqEYptXwJOTMn-RnnaCRG_ikXXJtJZ8U0kRaCQFdEaaDz5LccLS4ZsZg2YlDWw_bFCzMchDdNC5mdH-YJJBBpRS8BfthzbtmQtwf61I1rezubRA6pA06bjD_mQHOsGZUamV5oLYSHScf2q6pK-5er-wpTjcxdbe4uxowOVqVuwAUtU7pbACL6LdJJ_mfhYhEy77foyUqlDFYHNMZWgAXonmhegOdDtqYMfaMObXe_UsN49-wb731gUyoRzruKIN5m1D7Dsb-BR3PCNx2kE2lFiy6HHW6hiUHXsBaUpxB4ln0Hut7amCsGFDFWPPDO9qrEpbg0PaI8SUwq-VB1BXo3U1MKNpRKcp_EvymSxYVwLpcs0HSE7kObx4aoBhskKYx-Bbpp39tKzKMclojZc5AtkkUSGm15CeXvAzZ3tdlSXitq4u5YdjRi1-7TnserwMnrxQiVG5pX1Uh9q-oSXYIKV5OAJQi_HUgMGMqET2upBvKRcby7-FzxjWPXSbZMH5P69jrmcVwawy4Rn-HlP0f0cN3M1FilxuB3uWDQ3-0Z5D55TnLZAW6dSXVauuu3Y_70XL02jDcYVQbT793aMCsXwBErpjrbQwYc3h56qBWU6S3tNRZAyUXYGv-SDXvY-nDXjxKASdXgguDtg62MHSquKoVKCo4B2qQlcEP2WeC4qRVUOpTlPpr7K9zfBlR2AcemsbxOas0nDf-5BeKvMgyh3JP_hJTmWuVftJ1BrcTWbgTVFeqdXmE4EnsPIFgYFtl4zwmE43MIUwzaMThD-vuojMkIvellm4LYUJDFSVIpRekAtFLF-dph0faKmXTNKpMNow8K7Uk79R9FkUGlCRLDvhKOmXFmx4jdOkV488E1JeQoVAkhm3koO-binjVh-69XSgfTAW4TyS8k_5nB1i3t_tuPzhBwzqucc57CcyKop05hGVTJoY7W6C_AVvtwzhxwFA8uwcEdUeiWFOdqC273wD46jIZ2_YLPyZY07Nx9pZfOhZBaYhBbHJLdQiHW8dc67rM-iGPfBcJggRJ5DFrwNkTYwmNj06EWRO50pX65AmwJXXbCNdzq52RYXVASLbPbO-lyAlNWOJpMco84isbP3Q7XPfXs0FdANLwRr5PL7BZVjyMeOhL2IyTox5vrLSryTzTOwymKX9P9KtJJxk8_DtErLUfI0w6kr5pJNGN-lGyKqNwCNwd8sbDZt4Q1pchw8h4OQT4slEDl9RIqL_fcLsGKdmxYabf_O_t0IdpUbEyLU2W1cblIEaerp7jPNhQQilUgUYmGnDiA9MLoHYBftf4rB7VKxhzYcw_BfNd9Z8oOMk1P-H0Q2H11n0HdOXoHH_JT-z7TT1OWQJ1_kAdQ5ZIFPC8L4rLkVj1hy3ZyefI8Hvp8SP6IFlGOSwF9Np_rHTgYlnJBdrcrRQ5vFjB1Jqw16KIIkNnina0TQzyJ_w3f7s5MEJKAUYAe9CEfrLhHOw4LIZbnzI45ufVSqwNE0zsBsitm6vlCWkn8Yh-JzJL1y0dgOT6Mjm06SYJ2tqCz7Rq_TMiI3TszIqZDnTyKPufWHlMKoGAIV9v8l9iWfmCMtFtR1OPAilFKuu71MpBWMd1CtOKkrijlLiEe4jPluDySXZYz1NHE-XT8xiVneH8dncnMeDXimjk_SNu8paXTW2o6NMchP5vZHvUlZvO-oGelnZbs3fmUwBu8gsFzq2CscvF8qIiw3aDX6lVNqo6KUpIRyU4-c9h3AIck1LLNObD-6u-7BwD4cbC_8TRNZlKnEw6zWaudTDETdVdpmQ77ZYVTpWyKX_O5_g2n13dMBuVaN_m4N7u7Xj8QBJ-_xFd7uBtVlIi6I4cxwQmQmHH_xzbbLJR13Lrt1cZCtY3vk_WXj8JW3EdpJH5xi9jCDe0wh2LNNvApNlGk0R0L3dw4357myJre&cid=CAASJeRoBWEee9SvfLg9q44eRyCze9NVgc7QAhQ3CDuj9rev6NUi4pw&rfl=1%2Chttps%253A%252F%252Fsud.ua%252F%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a7b7d219098268b767c7eec70e6ab8324b6766824ad8f5dd402a05a22311dc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=600&adk=3330954535&adf=1549741390&pi=t.aa~a.865547419~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1654315183&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=300x600&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1512&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280%2C420x280%2C420x280&nras=5&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1175&ady=1517&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=g2u2EOjkSP&p=https%3A//sud.ua&dtd=38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34123
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 704B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f24593efcf3d5f0ca216a0a7a77e021a82bf2c2aeb7dd565af3b26e718f90b11

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F106
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

66ms
65ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 04 Jun 2022 03:59:44 GMT
expires: Sat, 04 Jun 2022 03:59:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 04 Jun 2022 03:59:44 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 999E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOgA9Yjf6NEnXrSdjyrqqa8&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOgA9Yjf6NEnXrSdjyrqqa8&google_cver=1&C=1

43 B
1012 B

58ms
57ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOgA9Yjf6NEnXrSdjyrqqa8&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2M4wEQh7-_nwMY8K6myQEwAQ&v=APEucNXz7lJg7HvcGBNVrMeLi5W_e6PhzntBXE6KiGQZ47NUkZ161FLTx7TvLi5izR5-WMYsUZWz-SWEZGTsL2BJjzsUJrQeoEF8FIbvrn18wyyCAdQ8fi7fAaBEZf1HbWAy4PNx66PM_Z5nk7lJvni5-M1DC3bj4rW0lvmipc9sNo_bq2ZWE0c
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 04 Jun 2022 03:59:44 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 04 Jun 2022 03:59:44 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 04 Jun 2022 03:59:44 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOgA9Yjf6NEnXrSdjyrqqa8&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Sat, 04 Jun 2022 03:59:44 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 999E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YprYsPjJuGM-cjYNKCUWfAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHmSSwtHBMz4_ikNxMS_KM4&google_cver=1

43 B
892 B

69ms
69ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHmSSwtHBMz4_ikNxMS_KM4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2M4wEQh7-_nwMY8K6myQEwAQ&v=APEucNXz7lJg7HvcGBNVrMeLi5W_e6PhzntBXE6KiGQZ47NUkZ161FLTx7TvLi5izR5-WMYsUZWz-SWEZGTsL2BJjzsUJrQeoEF8FIbvrn18wyyCAdQ8fi7fAaBEZf1HbWAy4PNx66PM_Z5nk7lJvni5-M1DC3bj4rW0lvmipc9sNo_bq2ZWE0c
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 04 Jun 2022 03:59:44 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 04 Jun 2022 03:59:44 GMT

Redirect headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHmSSwtHBMz4_ikNxMS_KM4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 999E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEF9-HFsXt8mQfSSvogl13NU&google_cver=1

43 B
1020 B

73ms
36ms

Image
image/gif

185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEF9-HFsXt8mQfSSvogl13NU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2M4wEQh7-_nwMY8K6myQEwAQ&v=APEucNXz7lJg7HvcGBNVrMeLi5W_e6PhzntBXE6KiGQZ47NUkZ161FLTx7TvLi5izR5-WMYsUZWz-SWEZGTsL2BJjzsUJrQeoEF8FIbvrn18wyyCAdQ8fi7fAaBEZf1HbWAy4PNx66PM_Z5nk7lJvni5-M1DC3bj4rW0lvmipc9sNo_bq2ZWE0c

Protocol

HTTP/1.1

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 04 Jun 2022 03:59:44 GMT
X-Proxy-Origin: 217.138.196.102; 217.138.196.102; 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4dbdd7a1-7e40-4805-8f4e-933456e7100b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEF9-HFsXt8mQfSSvogl13NU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 999E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQzNzM3NzA2MzIwMTc5OTE1OA%3D%3D

170 B
188 B

144ms
59ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQzNzM3NzA2MzIwMTc5OTE1OA%3D%3D

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 04 Jun 2022 03:59:44 GMT
X-Proxy-Origin: 217.138.196.102; 217.138.196.102; 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: e6a37400-390e-4d07-8b1e-005360326145
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQzNzM3NzA2MzIwMTc5OTE1OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js Show response
pagead2.googlesyndication.com/bg/ Frame 9034 36 KB
14 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:46:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54809
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13882
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Jun 2023 12:46:15 GMT

GET
H3 200 47050910846126638
tpc.googlesyndication.com/daca_images/simgad/ Frame 806E 124 KB
124 KB 49ms
48ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/47050910846126638

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=200&adk=1823107844&adf=1324001129&pi=t.aa~a.2388408784~rp.3&w=420&fwrn=4&fwrnh=100&lmt=1654315183&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=420x200&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1512&idt=1&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280%2C420x280%2C420x280%2C300x600&nras=6&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=7RbJndNJtE&p=https%3A//sud.ua&dtd=41

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da2c9e8eac6e8bae7d817d5b31dd13c3715967b30ef5eacf8130f242a64afc04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 08:14:24 GMT
x-content-type-options: nosniff
age: 243920
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127234
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 15:29:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 01 Jun 2023 08:14:24 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/ Frame 806E 21 KB
9 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf893eef4d6a15ebe42f50ee7c32e405a2d82d63735940e613cebd7873f3e82d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:41:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1119
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8691
x-xss-protection: 0
server: cafe
etag: 17811423179848367920
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Jun 2022 03:41:05 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame 806E 3 KB
1 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:42:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1009
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Jun 2022 03:42:55 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 806E 138 KB
42 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43440
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1654082998712738"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 04 Jun 2022 03:59:44 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame 806E 17 KB
7 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:41:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1097
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7351
x-xss-protection: 0
server: cafe
etag: 330450436367057301
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Jun 2022 03:41:27 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 806E 0
0 51ms
50ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQkVQfr7hJd25-e6N93nURB3JYSblfygVi1-22NMcfCLsM30yHGi1p4CnHgotpA_rqcMJLX8aQsz-HR9U7mXFWqR5iYDQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=200&adk=1823107844&adf=1324001129&pi=t.aa~a.2388408784~rp.3&w=420&fwrn=4&fwrnh=100&lmt=1654315183&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=420x200&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1512&idt=1&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280%2C420x280%2C420x280%2C300x600&nras=6&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=7RbJndNJtE&p=https%3A//sud.ua&dtd=41
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame 806E 32 KB
13 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce785d57ef9a42ccbd1c547a34629dcadedbb4ec14c423ace11c2a33c2b45c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 00:23:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12957
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13058
x-xss-protection: 0
server: cafe
etag: 3195647855342160189
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Jun 2022 00:23:47 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 806E 0
0 86ms
85ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CO_6Mr9iaYp_kL5rB1fAPvP22uA6m8duMYqLMh6PjDam49qekIxABIIG_tCNgu4aAgNAKoAHH6LPSAsgBAqkCvMDyv1n0tD6oAwHIA8kEqgTdAU_Qii8aLPkVQWZJyq5CqadI0gU3vqOdfxUtLPV2vEOi5j1HoNowfIPHuztVZOUIIpXwCd67MK3b7JUTmVvEHfAYZ6Kf1E2mKwz_71fvrxteuu-AM5UqCl3qHly9pEvBG037Tyep1onVzAoOryyqa7Uv0LrsS_fV_Mss_mQs1ZmkhVGvwFiDo3Sl5O4ZbBTKPMo3K6Emuwhx3KiwoC2QSBANEMUJ0Pl4fAlGlPRN3VRy4gXEv0FxDS6K0L2kfbZvoYNGQOBhTnrXuaKvg83HftgFYHZFu68TsZjgJww7wATj4YCn1AOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHoZfMrQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCAqz7SCAkIgOGAEBABGB-ACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItMjUzNTExMzgzOTMzMjY1MhgA&sigh=ktvAQSuPvXs&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=200&adk=1823107844&adf=1324001129&pi=t.aa~a.2388408784~rp.3&w=420&fwrn=4&fwrnh=100&lmt=1654315183&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=420x200&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1512&idt=1&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280%2C420x280%2C420x280%2C300x600&nras=6&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=7RbJndNJtE&p=https%3A//sud.ua&dtd=41
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 04 Jun 2022 03:59:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 html_obb_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame E907 169 KB
60 KB 149ms
41ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_obb_rendering_lib_200_276.js

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd2056d3c5a5f9a087647154dc26dbed362a61b733a6cbc8d9e5330b4f4d4284

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 16:11:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42486
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60459
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Jun 2022 16:11:38 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220601/r20110914/elements/html/ Frame E907 8 KB
3 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220601/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AtekY8_o_3_YZnmsI-CMu8nV_Njsq1UnYBwIOA6ZrdqxCrRPe0sknDFaYPHyzzXD9cgqhF3hlCNre6w5k3Dwxm5CatyCjRe3ttFOhiz5_FWBwYIRe8R7EfauDa1oDlLll173AkrSWx_FAVKA59VmcSgEU-lA&dbm_d=AKAmf-BFdndVPVMl_i0kvaawxm5Om96S6BJ7GIcsgJqhRgsMCQdvZovRA09IwJYuUAwEnq-P3xpg268BOb1iSjJFvA1Qdl6QbCl1eVc-AJockxhJ5qz4ZMajq2euROSjF-LItzSPIjBKU0A-GM07nJGiwxyRYIbU1rx0xFKxv2Oj_i5kFf-Vhmr9r5rizjDSpfzalvRMqJErrn_NiTKhqgBbZShUIrCvww4Mx1TeBZ0oeM1WsNkLfQgcHAukpUzL74zF_MPy2GW8zedflYfdsYFJyOeDsN6j23-stFP8cXqc2Zu6S0XXJF9mX5QKvbOk7MYKLuNiAcPSkprikiLREDj1AztJ9EpXcoRjPYbX5ZoE3cDh1MAApN1KwFD-yXrvnTJeMNOupFFVGeEJZYMf5_WE9MZ4OCaBA0OLPApZgZ7HAznTnO-C5rhzCkfDM7UyQWeFde2uvs6z9gkjwKPMspccpGZG4vKlfIidrNhN0yT0OdVIiYSpKKpM0sTt9zmFwv-8stcLL8N1bE_dOIcm60cBrSUCSgp2SYKI53hJATQze8h9F1NyY5znhyy7Ag2kf-I0ba3maoXsoB2hPi0lo3YhIY7j86xo2movfjsBj7t8Y2nOtVjeAcHEbvsQlrk7Yl1afNW7Z04-9LALOm3l67vqYjA1DYumiYC_phTIwSrKxM8iT5CYweuHLirGlYNYyVWItgTgUaIcB5zs8yR92x6jSspRNJme_aqrUFL2b-tjVthUZeoBE3nAILF6ep40EfRel8j967gkahZlmlR0zwCtyWJFiLWtzxSaA-UYguCH7FhT_Zw0_tJTSqaE-zOPhOv2LaVM-sd8JPDLQFB1i2oiLSiyCBD3NwkNOPes_Xw2KnxL5QaoelEoufOfi4x4pbH9IXT0Nz87_W0zLpOcXXX1XaeH_l6bG0gw6aq_YnL-1Vs3yc8E3EwHIYubCfK0CedBRDVgLIx00_PimFPp9CTXT8MFAzw1gxDANljBT_mMQMsBsxdPqMn15mKxtzj0wtqxgtCblQ2vzRShWfDBZpAgsA2WltrPe_ZnrjgXpciQAjwOoQ_7G5EBfVvECKIauA2vdLM3FvDLKqCZ73rEgrkopLW7F-d-TRvFYtCsHMpRb98bML4VOb0lFa-8T7igQNGDR_AHjeLJa8nJwM76FiLAikOgM2aUH-PdhPKlPREdcVEGWCBO11xWn_dmRFPqmKC5iqwch2hAq-kJ3GDW0AwwtV-q90bu_V7LAiaGkTNk0EgyeVkn_ScNIv88QS5gHVqXGb_JfvuM5U2jTL5BOFHOJ2P4BsuyZnr1ecqVpt2EN0Hx_sN4FEQo8qxzH6rcQU394bELajrlFD0SPZn0u0djWzHL6HnHzCX260LIGxoA1YJxH1Tv5lD01SittU3K-KOIRIw78y8bY5FmRFJvUydv1IJNmorTvh_sE9fAuy12KS6GFyq2dzxEXXrEGlRFUlc2nK4fk92bJo2AfeiPOR3E2xqi96g9Wp5g2f08iiH40GncwDqsUHEIJ37fqHQ_HvpNqEYptXwJOTMn-RnnaCRG_ikXXJtJZ8U0kRaCQFdEaaDz5LccLS4ZsZg2YlDWw_bFCzMchDdNC5mdH-YJJBBpRS8BfthzbtmQtwf61I1rezubRA6pA06bjD_mQHOsGZUamV5oLYSHScf2q6pK-5er-wpTjcxdbe4uxowOVqVuwAUtU7pbACL6LdJJ_mfhYhEy77foyUqlDFYHNMZWgAXonmhegOdDtqYMfaMObXe_UsN49-wb731gUyoRzruKIN5m1D7Dsb-BR3PCNx2kE2lFiy6HHW6hiUHXsBaUpxB4ln0Hut7amCsGFDFWPPDO9qrEpbg0PaI8SUwq-VB1BXo3U1MKNpRKcp_EvymSxYVwLpcs0HSE7kObx4aoBhskKYx-Bbpp39tKzKMclojZc5AtkkUSGm15CeXvAzZ3tdlSXitq4u5YdjRi1-7TnserwMnrxQiVG5pX1Uh9q-oSXYIKV5OAJQi_HUgMGMqET2upBvKRcby7-FzxjWPXSbZMH5P69jrmcVwawy4Rn-HlP0f0cN3M1FilxuB3uWDQ3-0Z5D55TnLZAW6dSXVauuu3Y_70XL02jDcYVQbT793aMCsXwBErpjrbQwYc3h56qBWU6S3tNRZAyUXYGv-SDXvY-nDXjxKASdXgguDtg62MHSquKoVKCo4B2qQlcEP2WeC4qRVUOpTlPpr7K9zfBlR2AcemsbxOas0nDf-5BeKvMgyh3JP_hJTmWuVftJ1BrcTWbgTVFeqdXmE4EnsPIFgYFtl4zwmE43MIUwzaMThD-vuojMkIvellm4LYUJDFSVIpRekAtFLF-dph0faKmXTNKpMNow8K7Uk79R9FkUGlCRLDvhKOmXFmx4jdOkV488E1JeQoVAkhm3koO-binjVh-69XSgfTAW4TyS8k_5nB1i3t_tuPzhBwzqucc57CcyKop05hGVTJoY7W6C_AVvtwzhxwFA8uwcEdUeiWFOdqC273wD46jIZ2_YLPyZY07Nx9pZfOhZBaYhBbHJLdQiHW8dc67rM-iGPfBcJggRJ5DFrwNkTYwmNj06EWRO50pX65AmwJXXbCNdzq52RYXVASLbPbO-lyAlNWOJpMco84isbP3Q7XPfXs0FdANLwRr5PL7BZVjyMeOhL2IyTox5vrLSryTzTOwymKX9P9KtJJxk8_DtErLUfI0w6kr5pJNGN-lGyKqNwCNwd8sbDZt4Q1pchw8h4OQT4slEDl9RIqL_fcLsGKdmxYabf_O_t0IdpUbEyLU2W1cblIEaerp7jPNhQQilUgUYmGnDiA9MLoHYBftf4rB7VKxhzYcw_BfNd9Z8oOMk1P-H0Q2H11n0HdOXoHH_JT-z7TT1OWQJ1_kAdQ5ZIFPC8L4rLkVj1hy3ZyefI8Hvp8SP6IFlGOSwF9Np_rHTgYlnJBdrcrRQ5vFjB1Jqw16KIIkNnina0TQzyJ_w3f7s5MEJKAUYAe9CEfrLhHOw4LIZbnzI45ufVSqwNE0zsBsitm6vlCWkn8Yh-JzJL1y0dgOT6Mjm06SYJ2tqCz7Rq_TMiI3TszIqZDnTyKPufWHlMKoGAIV9v8l9iWfmCMtFtR1OPAilFKuu71MpBWMd1CtOKkrijlLiEe4jPluDySXZYz1NHE-XT8xiVneH8dncnMeDXimjk_SNu8paXTW2o6NMchP5vZHvUlZvO-oGelnZbs3fmUwBu8gsFzq2CscvF8qIiw3aDX6lVNqo6KUpIRyU4-c9h3AIck1LLNObD-6u-7BwD4cbC_8TRNZlKnEw6zWaudTDETdVdpmQ77ZYVTpWyKX_O5_g2n13dMBuVaN_m4N7u7Xj8QBJ-_xFd7uBtVlIi6I4cxwQmQmHH_xzbbLJR13Lrt1cZCtY3vk_WXj8JW3EdpJH5xi9jCDe0wh2LNNvApNlGk0R0L3dw4357myJre&cid=CAASJeRoBWEee9SvfLg9q44eRyCze9NVgc7QAhQ3CDuj9rev6NUi4pw&rfl=1%2Chttps%253A%252F%252Fsud.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:47:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 750
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Jun 2022 03:47:14 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220601/r20110914/ Frame E907 27 KB
10 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220601/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

062b2b3b8f216657703d5d3f0f8e00bdc1b786f96df18e2ebe3899d03409783b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:38:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1251
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10536
x-xss-protection: 0
server: cafe
etag: 754631604453815386
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Jun 2022 03:38:53 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2687134823685313298/300x250_EN/ Frame 833B 8 KB
2 KB 43ms
43ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2687134823685313298/300x250_EN/index.html

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0abb8e3a463d9f3e8e1087dbaf0993cdb980f62f27e4caed14e46e42863f31d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 133936
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1715
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Jun 2022 14:47:28 GMT
expires: Fri, 02 Jun 2023 14:47:28 GMT
last-modified: Thu, 19 May 2022 08:44:51 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EE98 0
0 85ms
83ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CZMryr9iaYujbLunV1fAPtO2CiAXsoZ6iavKkzeObEN2rg8LwIhABIIG_tCNgu4aAgNAKoAHumKTtAcgBCakCKun6s2Kkqj6oAwHIA0iqBOMBT9BSYHH6Ym2wQLmObAjcKKiYvXB1tFsUcy7se_hFubNr7f2y2VNJioR-CFanudo-enaP3n-x5QbEtK8-EGhk4QxBJYSupp_M4NE9hDkR-V7fIHTJdRQU4Dc84Xe_tl5VOEiM5UG80Nw7FGK6v3vKRa_qHYncplS1wmlPsamnh60Z4awIvhs8T4x4hOk6dioR4ayGqyHW3LHfZC4MUqi4X6Msd1tPpb3-bZ1EUuVJ2izN38hrkr2_wpxibROas2ncx-I2ZAExoOTqzNznz1pMvD_ddGd9aeWwdyEoLuGeX9gYKt7ABJDog7qHBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAf65tuSAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEELTDF9IICQiA4YAQEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0yNTM1MTEzODM5MzMyNjUyGAA&sigh=C9W8K7ZkWtE&uach_m=[UACH]&template_id=419

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=2088074589&adf=719151369&pi=t.aa~a.2399599924~i.5~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1654315183&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6541290418&psa=0&ad_type=text_image&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rh=350&rw=420&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=2&bdt=1513&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0&nras=2&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3524&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vCyWNacbJv&p=https%3A//sud.ua&dtd=25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 04 Jun 2022 03:59:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/ Frame EE98 21 KB
8 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=2088074589&adf=719151369&pi=t.aa~a.2399599924~i.5~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1654315183&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6541290418&psa=0&ad_type=text_image&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rh=350&rw=420&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=2&bdt=1513&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0&nras=2&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3524&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vCyWNacbJv&p=https%3A//sud.ua&dtd=25

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

720204b278ccd60da85d56814d2fe2d02cca12dd1bf91f37aa69ae216dc84b45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 02:03:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6974
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8657
x-xss-protection: 0
server: cafe
etag: 10643661454465827905
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Jun 2022 02:03:30 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame EE98 3 KB
1 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 21:04:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24896
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Jun 2022 21:04:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EE98 138 KB
42 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43440
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1654082998712738"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 04 Jun 2022 03:59:44 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame EE98 17 KB
7 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3014
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7312
x-xss-protection: 0
server: cafe
etag: 10280116914265038571
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Jun 2022 03:09:30 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame EE98 0
0 51ms
50ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQb_rsndczHqmBIRSeGn1WYLYjwjkuSjk5zb--EOKmAa0dtYmnrQogvZdFFfxNQugABrj3ODyK2WmVAklVDFpC9ve7l4w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=2088074589&adf=719151369&pi=t.aa~a.2399599924~i.5~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1654315183&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6541290418&psa=0&ad_type=text_image&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rh=350&rw=420&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=2&bdt=1513&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0&nras=2&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3524&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vCyWNacbJv&p=https%3A//sud.ua&dtd=25
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D3C8 143 B
163 B 42ms
41ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=200&adk=1823107844&adf=1324001129&pi=t.aa~a.2388408784~rp.3&w=420&fwrn=4&fwrnh=100&lmt=1654315183&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=420x200&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1512&idt=1&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280%2C420x280%2C420x280%2C300x600&nras=6&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=7RbJndNJtE&p=https%3A//sud.ua&dtd=41
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 823
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sat, 04 Jun 2022 03:46:01 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 788A 1 KB
749 B 42ms
41ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 79560
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Jun 2022 05:53:44 GMT
etag: 48472445140208031
expires: Sat, 04 Jun 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E907 41 KB
15 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 13:52:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50850
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Jun 2023 13:52:14 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 742D 1 KB
749 B 41ms
41ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 79560
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Jun 2022 05:53:44 GMT
etag: 48472445140208031
expires: Sat, 04 Jun 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E907 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a53f72ec1290bbd2540ce29b76666ba20c2b23e8e9b9a00b69a41f370241fc0b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 833B 9 KB
3 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2687134823685313298/300x250_EN/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 09:36:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66210
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 04 Jun 2022 09:36:14 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 833B 26 KB
10 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2687134823685313298/300x250_EN/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 16:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42362
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 04 Jun 2022 16:13:42 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 833B 1 KB
396 B 50ms
50ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:700,400

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2687134823685313298/300x250_EN/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b4820095dbb33dffee5026491f08575d5adcb7e3cab956061f0cffb5052d78c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 04 Jun 2022 03:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 04 Jun 2022 03:59:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 04 Jun 2022 03:59:44 GMT

GET
H3 200 logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2687134823685313298/300x250_EN/ Frame 833B 7 KB
7 KB 42ms
42ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2687134823685313298/300x250_EN/logo.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2687134823685313298/300x250_EN/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5459f56c6ec68a61247e5c82793f39801c95ecf08ccf376a92a1c6010b9ce31

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 132711
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7455
x-xss-protection: 0
last-modified: Thu, 19 May 2022 08:44:51 GMT
server: sffe
date: Thu, 02 Jun 2022 15:07:53 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 02 Jun 2023 15:07:53 GMT

GET
H3 200 300x250.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2687134823685313298/300x250_EN/ Frame 833B 85 KB
85 KB 43ms
42ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2687134823685313298/300x250_EN/300x250.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2687134823685313298/300x250_EN/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e752f4417c9783ca07ffdce0d9551998c47417140a77e4eee84b84d7fdc2db71

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 132711
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86678
x-xss-protection: 0
last-modified: Thu, 19 May 2022 08:44:51 GMT
server: sffe
date: Thu, 02 Jun 2022 15:07:53 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 02 Jun 2023 15:07:53 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EA78 143 B
163 B 42ms
40ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=2088074589&adf=719151369&pi=t.aa~a.2399599924~i.5~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1654315183&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6541290418&psa=0&ad_type=text_image&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rh=350&rw=420&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=2&bdt=1513&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0&nras=2&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3524&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vCyWNacbJv&p=https%3A//sud.ua&dtd=25
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 823
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sat, 04 Jun 2022 03:46:01 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame EE98 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 957630957a6d8aa14ce208af28517ce7eb61071adb5b13991d107d100cb376c8

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame EE98 0
20 B 158ms
74ms Other
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKjv_6b0kvgCFelqFQgdtLYAUQ&gqi=r9iaYtrQLeSQjuwPzYiH8A8&layout=/sadbundle/%24csp%253Der3%24/2687134823685313298/300x250_EN/index.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 806E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5797e64ff8a63659336d4a6cb26467fb60353ded577753bc7a20ed1903ec12bf

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3ECB 42 B
63 B 74ms
74ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A1vRCgSvfM5dLBYuweabmVYhg1syzRrmb5n_FX9v8vWiu8vCVRO0ZnvAvHevuyQz59idwcNi5SYh3LIO5VPkVR16MjWukpRmYh3tKamYPIQObgY4E

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=2088074589&adf=726412217&pi=t.aa~a.3883570816~i.5~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1654315183&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6541290418&psa=0&ad_type=text_image&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rh=350&rw=420&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1513&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280&nras=3&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=iFeCT9w7M6&p=https%3A//sud.ua&dtd=32

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame 3ECB 3 KB
1 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=2088074589&adf=726412217&pi=t.aa~a.3883570816~i.5~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1654315183&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6541290418&psa=0&ad_type=text_image&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rh=350&rw=420&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1513&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280&nras=3&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=iFeCT9w7M6&p=https%3A//sud.ua&dtd=32

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:42:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1009
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Jun 2022 03:42:55 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3ECB 138 KB
42 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=2088074589&adf=726412217&pi=t.aa~a.3883570816~i.5~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1654315183&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6541290418&psa=0&ad_type=text_image&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rh=350&rw=420&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1513&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280&nras=3&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=iFeCT9w7M6&p=https%3A//sud.ua&dtd=32

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43440
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1654082998712738"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 04 Jun 2022 03:59:44 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame 3ECB 17 KB
7 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=2088074589&adf=726412217&pi=t.aa~a.3883570816~i.5~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1654315183&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6541290418&psa=0&ad_type=text_image&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rh=350&rw=420&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1513&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280&nras=3&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=iFeCT9w7M6&p=https%3A//sud.ua&dtd=32

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:41:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1097
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7351
x-xss-protection: 0
server: cafe
etag: 330450436367057301
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Jun 2022 03:41:27 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3ECB 0
0 49ms
48ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTRwOXH8c3_WiQ3QXQWhTLRYhhI8PBi6XZcxV_QVT5q5iRwOxvxjpLqIalYa6-UsnJn6H3brlnH6v9clXT5ea4hEDqh_w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=2088074589&adf=726412217&pi=t.aa~a.3883570816~i.5~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1654315183&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6541290418&psa=0&ad_type=text_image&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rh=350&rw=420&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1513&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280&nras=3&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=iFeCT9w7M6&p=https%3A//sud.ua&dtd=32
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js Show response
pagead2.googlesyndication.com/bg/ Frame BC57 36 KB
14 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:46:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54809
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13882
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Jun 2023 12:46:15 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E8D1 22 KB
8 KB 42ms
41ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 50850
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Jun 2022 13:52:14 GMT
expires: Sat, 03 Jun 2023 13:52:14 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8118 624 B
297 B 53ms
53ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2M4wEQh7-_nwMY8K6myQEwAQ&v=APEucNVYN8OV1rhkeFKFzt5Q6P4YnYzlXt1OkTV1-1JDoZTsQkSnGXqtiwTuoh2PFYnp5slSZ4iw3wLhd9EMz76EWdhMgBF-FC6dCEdAgfMPlRJWnwPhpls78lu0eLDEy4rgBYcgZTF9UlXK2lV5zTvlMGBAFBlOoESULdk7peI6NRfmpk2oCuI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=2088074589&adf=726412217&pi=t.aa~a.3883570816~i.5~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1654315183&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6541290418&psa=0&ad_type=text_image&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rh=350&rw=420&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1513&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280&nras=3&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=iFeCT9w7M6&p=https%3A//sud.ua&dtd=32

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=2088074589&adf=726412217&pi=t.aa~a.3883570816~i.5~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1654315183&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6541290418&psa=0&ad_type=text_image&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rh=350&rw=420&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1513&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280&nras=3&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=iFeCT9w7M6&p=https%3A//sud.ua&dtd=32
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Jun 2022 03:59:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3ECB 86 KB
34 KB 81ms
81ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AYGCRomrsimR7UZOq3FqGSkE2jWVN_kyG0_MQdk7_pDmHcUk2EsMLkxfenGmt6OvFVpNoVW1pf1bf0REt6-Fs7JegEe5gmclbIxDlp1mnfmo8W4zgqfcsUMfyE-RzgD5swYqPllRkI2hh6V3vIvjLk6k0K8Q&dbm_d=AKAmf-Ca4WOWs7pwwkvJ1uQuMbTLDd0r61S3IGa8MZ7WDpTPFS9Calns7pSMzNU7_0eqVM1jvanV3e-K-ozW8egEs5pXTonsdd-isP-p8o2ZWwRTjvFM61Ud1uftDCoMwR9xhw2X1zLvvp1sgO2m01fNHo8Rci7uQwbYKXrZ_Lk9IH0e5wpS-uoK3JROtCSUfGBDQZdbkTmkvgDeOV8-Xz4xKAn98YnoNBoBPyXwIYweEZhjq7Mj8M3fuRBzIEs7RWUodMhRI0ZGBlp-kQywwCEq5e_hE6AEfr9Xh5AJAlOEjUuLghomRsRiEq_2y582uyeHsXNoa9SzAbWFdIkxCr0Xi-HgCXNyrqpp_Xul0hqZ2EYVeP34oKdbc6l7afYuFW9KSA7Xxkcl2fzwQCcNpJ4DY8B6OZtY-coA9goW883UWN9Zp5-_1riZ4hF6A1CQZVzNGQozE0ED1Vac50Uf_fNxzTeu1HNDqEI6bdEhG8NaGLUuN3JfOBwilxxeETguYV4cR81TIS5Ag-2qpDflyKfKwn1kNtzMTSpjevuvMH9G8RbGXixFiK3cbAgB8cxOwo7P-j_Ofj6CGTDaldCeGYMjdAzQi47tNJ7ohRajwUittwGLT80i-7vfJO3yKVa8p2MzzTAGNLIrXi8AQgZGRobzEcnFjScLTfNCBryg_2T1fHS76sJaKNbMh8XEBcnjfG6qVSJWLli__nK1z66zPUyz6JI2iYLqmqztnaxbNdF_bDS_-IuL6bJAAJs89Y0OomYR11sD-Hhkkt_p0Co5aQO2zlUkhxZwo-121Gjplmrx0yIYl6EN1lPReFPwCGvEJYK5jheknsuwm8-4fGPd4rT_sHNZgT1MmSpuNSfAyjOVBQ2sE36gCtXD4oTCgngVwv0Bv9hE1ad1n9Zoq45BKrPOM0oKvO9LE-tBKv88WcTw-s2blOl8jIlzRjrGzSkFjMmBMr3D4D8FE0vWrpfE631O66wVM3XG9SA0XjRr1p44D0-O-adHswG_P5J6S76BAjzEV2OtUfhy8CdIYo4Wq8lW94TZZ_EJ4ahMbrPRQoAHPR7Vx3y1EEWJ-Zdi2fZuqbP0Sp7T3AcP5GAmYJxk-oFZjB9oAjVJMKiEQoFX5ngvBoBJ9s6QkDmG4NLzwzUN087O3-DEaH7MFX7XM7a7bEw9zAV3z8vTrQ29NqtvAGZD2oWEJaxruY3fwegYRmCqCpzdgKYPsuIJzZyHN1IYJ73hSre7eNS03ZPYOmew0JhlLxYteM6TquJnjiJIg3Gt61YSn9EHGKpxNsRei1NsW9rIGq1xUCt81AwqeV5n8CsONW2eV-7Oxaa0P2JUAOyiXKUID5iYM0yTPRosPtzVLO1_9-jJbfv8cgYSqlJQLWgAbdOpuSnqdAPBhddHrXpRlFAlvkUBk1PGacGXj5HoT4FVAs6rthsI0GK-5X_D1F9F8qbcEWvhXqK3fRkK85CuETz90ngeTQURNqclEYPEs5zf0lhEePik7fjbSRLzHaJHtUPcWC6i4fYqfKrDTP1FpQRpzeDwEMuNzIUROT0KsU_JLiV9rAHc2D97iYxPfhwhtrt4qtutQMLJ28Hs8X49sW9C1iW3u8-LmX6jp3kvM1HBU6y14JSJ96tqnOB9c9nhXy6BzIjB9oHu3ktyiK3zKxsOaUqZWWINnKAAN9xF5Or4LklDk8ZkLVGEqMzacfv8TGR1R8-l2nvDpwlyeR4OQclHhIKkTEMyHryrYvdLeRV0vGgjLYjyF5VK1JLV85y2Qv_8q9XV8hom1YLdTJFscQJ8-cl6KGaW2PubVyhV3BJzuXxs552xJe47Yg9q9lGlXla0Hp2GzQXdM9lURRPv1H5OyYzb4-wapTyCZpPF_XOu_WCKMfLWT6yH-xG6mMKI77O4T5P6Jr_Uf49SD9kNbdJTOZ9XqL8Foe_7XULSHvPpmBH4-SJ-xcmUHI3Qc07bHornt3wVdXxq0D1eJ7Vmqf9o6zOh5Nu4T_550vjhNuSY4LubLQlnFWkOadl7x8i0MOK2i-vaZ06y-7ts1QHIA1aBpqTWzvNcOKRLulth4KpjXxCJK9tpZD3cnBmcQTnBCGrsf7rJARDD1pKZymmsMYOEzCwE1c-try5GlXr4EiUdoKJNtq2RBUKJpteNFaLRtkwIVXb7tEDDu4IZsg5y4A224SZSCxfiQ73lHesmi5TGO8NC9HZGBG9afFwezkn3nECk2H4EYd4pvaMfUmcQJAw4h7YNJGyzCt4vADv81zMusFhNdVbD9HMkHMURGT7bD7m-FsKhoAzQhjRFX-d_DtdfqQLIgR-a337-d-uQamfSxQL5Y45SzSHtrzrw8RC2_ZewDZTNplamOkMJSEKQs7Kdrmx2XYVCDBq_-L4Iy6trTE3QNQ7fAnFneoAV5ShVQDgfvDMPiPLD5vAjp4qWrK-cSLHYfsxVP3ycJOWRJN2DskNVBsHxl-oEomNRg--JupVhneKwBrAncOIuzFodj1qehFcUMhXV4aq4ceozu-qbm3_U4vR0cUQ-MFpqx55jDkO_0Fa53ezNa_HYPGnooD7bSjPmHNgj9Sjb67YiLxD2Z5W2XisoVPKNirFl1qUtGqHSjenxNUgxPTjAZmR2lYqrwObj3gy3eLmR13hEKc6b7XAlaUWGjc0drvKuMoG78-s0e5BpcwC52QH3dlnZmCabCl0QI6tRo77CPnV-HScg6tfs5OydIYET10PtVQZruayVzU649QqqPi4xE_msCTyox2fGbcNhTpNra3OgNzMLbAKQ35BDFFZqvltBpVSwBRrrUSNIGTAaXKQCvnLmn3NFASFABGeLs8FosNKi_SvzlSzJcGdv2pdkryE28OosAM-iP1hEmnzJfErOfCROHkB0yDHI90HIiLzlVuwhSYIF6PejeBeUgEndCQrSbPuMf3yKVf9VPYHTNQ4t0gnFW_hBzLIrVVYA9h-oMLwkqCovBHcgBu_NG9jbaaHRJ6dAKqkLnhk-Pc51Ubg7nDVKGdTR_X4UnqpEoVg6Ji2lZsrFDxtakRy1p16JCxCxAQYvI1NQt-kJnW5CPyZPASClW-OlmOUa_4T113273dZUenQT1jaZRMbdCvqR7KNOMh_TxzBmuY16hOyjbfChgr-1SYJpW_gpruii1FyKnzWBAuNBpVb636t8mh8x-iiKdFvGlHgv5p4w1yBkQogkCn87x0skf1i-I--gM5q8JVzPJXQ305mJEw1CaB2LR0cyxH9sN_kYUbSDYaGxfWr7DnIaXIWFmtXhVQiYsM9hr8_D5Ttov3jmrbnQWxaH2VU18rAQL7sH9eCctRadlNIrB9UO7WkFnCmlWteGopRsa65U3ttrNg9To-_B8F60L-A96ZUvcHsiGEykg8CY-9O4mM6e3Dk4oaaDjU6eC4yq63Lqz_4keBnrPR3vjsuVVBL91bLzd9SQnMg3Aam0n31la0ZPXtREe19N69TL5aMs-mT7sD30T6JVKHxmPA&cid=CAASJeRoEU3PXhMhhDsPwfLy1c2QzFj_EZndHF3CJd24a0gXxzJjX_Y&rfl=1%2Chttps%253A%252F%252Fsud.ua%252F%240

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=2088074589&adf=726412217&pi=t.aa~a.3883570816~i.5~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1654315183&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6541290418&psa=0&ad_type=text_image&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rh=350&rw=420&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1513&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280&nras=3&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=iFeCT9w7M6&p=https%3A//sud.ua&dtd=32

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e9e2261884788d9242fabb58ec0ed848295f67664734aa36b00541f56f3ba16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=2088074589&adf=726412217&pi=t.aa~a.3883570816~i.5~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1654315183&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6541290418&psa=0&ad_type=text_image&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rh=350&rw=420&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1513&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280&nras=3&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=iFeCT9w7M6&p=https%3A//sud.ua&dtd=32
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34300
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 788A 35 B
463 B 134ms
42ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOaFUyceA-Cv53qcCBgS4so&google_cver=1&google_push=ARnp8GDKTVxbvqqmZw3enuu6BoLfJQbjI9UYme5KL-oTq20JwquNeb3CzZxxZ_IlXfAfUNG0f5Y-Ia8reJ3w9ZWopKToms_Jo7SY

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:44 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 788A
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DARnp8GCOh9iP24H27I3KpIKatNc_FPMmyet_CV0lrrr...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXByWXNBQUFBTEJAVG40TA&google_push=ARnp8GCOh9iP24H27I3KpIKatNc_FPMmyet_CV0lrrr7A_vXzshQUt-ybXjG_zshcBhj8jjNuuD9_qmpfBSRbY1d5coJr-qj63c

170 B
188 B

76ms
76ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXByWXNBQUFBTEJAVG40TA&google_push=ARnp8GCOh9iP24H27I3KpIKatNc_FPMmyet_CV0lrrr7A_vXzshQUt-ybXjG_zshcBhj8jjNuuD9_qmpfBSRbY1d5coJr-qj63c

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXByWXNBQUFBTEJAVG40TA&google_push=ARnp8GCOh9iP24H27I3KpIKatNc_FPMmyet_CV0lrrr7A_vXzshQUt-ybXjG_zshcBhj8jjNuuD9_qmpfBSRbY1d5coJr-qj63c
Date: Sat, 04 Jun 2022 03:59:44 GMT
Server: Apache
Connection: keep-alive
Content-Length: 390
Content-Type: text/html; charset=iso-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 788A
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DARnp8GAoySyQuYU4OGewIVHiLOsbTkkPVBkujEuYH12RzdXezEuKyyEi0TlqOK6BHAKssK5GqRpem_LOODpRtbph8Gu-b6-4oiqG&google_gid=CAESEMraJNBw9mBSBe1YbgTNj6c&goo...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCLCx65QGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BUm5wOEdBb3lTeVF1WVU0T0dld0lWSGlMT3NiVGtrUFZCa3VqRXVZSDEyUnpkWGV6RXVLeXlFaTBUbHFPSzZCSEFLc3NLNUdxUnBlbV9MT09EcFJ0Yn...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwdGh5Y3RnYnliY0VZbUJ1MGtUbThzUms0VFJET05KWTM0aUI0SVdQTW5XUQ==&google_push

170 B
188 B

52ms
52ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwdGh5Y3RnYnliY0VZbUJ1MGtUbThzUms0VFJET05KWTM0aUI0SVdQTW5XUQ==&google_push

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 04 Jun 2022 03:59:44 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwdGh5Y3RnYnliY0VZbUJ1MGtUbThzUms0VFJET05KWTM0aUI0SVdQTW5XUQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 788A 43 B
356 B 116ms
42ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEFnYWtQGzSPY4QUrK7v49iQ&google_push=ARnp8GDq47sj6EVPxXoV4ke3bWDKrbS7piTbtiw23dODvAVRTeb-sK-7eXJ3XzebonezRj0NUTK066VXnJGEvsIHgaCso4uEc9dO&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=200&adk=1823107844&adf=1324001129&pi=t.aa~a.2388408784~rp.3&w=420&fwrn=4&fwrnh=100&lmt=1654315183&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=420x200&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1512&idt=1&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280%2C420x280%2C420x280%2C300x600&nras=6&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=7RbJndNJtE&p=https%3A//sud.ua&dtd=41
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:44 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 788A
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yC2QUQknTvWVx1zjyxkJXw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

59ms
59ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yC2QUQknTvWVx1zjyxkJXw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GAMf7_EUTzCAswMAdaRmQeUa4_nqKlntQ0_p6LKxkKBbVzCZizRiljZ3bB1xCfCCqC2q99qRmvBDd8-JnqgfTJeuSJGVTBh

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yC2QUQknTvWVx1zjyxkJXw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GAMf7_EUTzCAswMAdaRmQeUa4_nqKlntQ0_p6LKxkKBbVzCZizRiljZ3bB1xCfCCqC2q99qRmvBDd8-JnqgfTJeuSJGVTBh
date: Sat, 04 Jun 2022 03:59:43 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 788A
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJBahxQ3Io-WD0dAYOKLgas&google_cver=1&google_push=ARnp8GBUFxCwAfSdltpiZIUIiOMHmZNXkt33spNfQQfJoPg4_DbYyEHN4-PcNo_gmYSFfy7ekMU...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNaQ0pQWjktMTktSEw4NA==&google_push=ARnp8GBUFxCwAfSdltpiZIUIiOMHmZNXkt33spNfQQfJoPg4_DbYyEHN4-PcNo_gmYSFfy7ekMUNL2lvbGu7llffHxHFOh3guIVD

170 B
188 B

62ms
61ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNaQ0pQWjktMTktSEw4NA==&google_push=ARnp8GBUFxCwAfSdltpiZIUIiOMHmZNXkt33spNfQQfJoPg4_DbYyEHN4-PcNo_gmYSFfy7ekMUNL2lvbGu7llffHxHFOh3guIVD

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNaQ0pQWjktMTktSEw4NA==&google_push=ARnp8GBUFxCwAfSdltpiZIUIiOMHmZNXkt33spNfQQfJoPg4_DbYyEHN4-PcNo_gmYSFfy7ekMUNL2lvbGu7llffHxHFOh3guIVD
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 788A
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELd9frnbcSgn_wEbUKMSMbU&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YprYsB6HX67YucWFMfKdogAAAr0AAAIB&google_gid=CAESELd9frnbcSgn_wEbUKMSMbU&google_push=ARnp8GCkHLbqdlYnT0DS7kU435e-6rW4Ahq8ip0SjSytb08yfsE...

170 B
188 B

79ms
79ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YprYsB6HX67YucWFMfKdogAAAr0AAAIB&google_gid=CAESELd9frnbcSgn_wEbUKMSMbU&google_push=ARnp8GCkHLbqdlYnT0DS7kU435e-6rW4Ahq8ip0SjSytb08yfsEOzJ1YK6QW723Qptip7HJtetKkJcjgVElZbzY3J7MUwA-esjU&google_cver=1

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 04 Jun 2022 03:59:44 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YprYsB6HX67YucWFMfKdogAAAr0AAAIB&google_gid=CAESELd9frnbcSgn_wEbUKMSMbU&google_push=ARnp8GCkHLbqdlYnT0DS7kU435e-6rW4Ahq8ip0SjSytb08yfsEOzJ1YK6QW723Qptip7HJtetKkJcjgVElZbzY3J7MUwA-esjU&google_cver=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 459
Expires: Sat, 04 Jun 2022 03:59:44 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 788A 0
12 B 75ms
49ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I0xMhfMkUtfyboDZV8Gvdcu82M0_Be9WRkHUDgWjoXUXJjPh_DDG3tNq-Ofwchp7tf7KVq

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/5825321732835115008/ Frame 56D0 92 KB
25 KB 133ms
50ms Document
text/html 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=5LJkqKfZMV&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_obb_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ddc95507676c16045fd509f101f5dfe5e57b1c28a5b55cebe9b857deb7f7d49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 04 Jun 2022 03:59:44 GMT
expires: Sun, 04 Jun 2023 03:59:44 GMT
last-modified: Wed, 27 Apr 2022 09:23:48 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E907 0
622 B 193ms
86ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssfKwnfYjm2u6vbbelWPci2FXlhfR62fzpWtqv5BiE_Tx0DKfh8Ap3r-4GuQHDZvgHRuE8Jnceq5wROxjsAVh8nrfrBX9kY9qQ5pKIcRJhFVtyOMwCizN309tbYM2-0FqtvOqytYSLu29AuHpkIVP3qm8ubf42kyuQXM7PIAO_63VZ9xFCEnEldWu4Utjz0IpQsEgRKc5WUrjOMjv9B9qtbJr23FwBLzCW6JgljgCRH4pP5VaKHR_ITkFlESz8sMC4aKyLjyME2wU_9CiLG0_Iuw1szwW3ZSOLu6Q2HxRd-I4rn3pKLzzfrqNs8iBRZbWvF-pvI9ECDjLj7G7NBjHtuTjr2f1ENNINFBPHaC-cFYET-p24OsYcx071gSkX3pZl2TsA0aCvXFZSnVsriHeJCXVLfK9JDd_YN6sxH5T8Hkd4VnvkOpFIHy4B4sskWmLUhNbjmMWJOU5SaBl9GYlkEaWf7sMbRGh8XGNtFL_V5rN3kG1Nr7angNRJyB6a1EJCjqvekX1fxt3RpYSYPMCBXNXrVrEgtVRocklBOq5g-HTvil3wb64gGjKTpTXJA9_Ed3-FDE5_y693RA-J32rZHhtMooK1boOq-53j3xnaS1fpeNqOCcalFvQYDvPcq8qBEV93ishy_4EgKmihmCENgQQO4kRocidYqe5JOHPCA7Dk4mDJucbLSaYCTWiverudyEmrcIYCUpsU0p2fzaXamKEtmsazkFrfhGt0p6Vtr4Rbgts-HYiZC7AmUkZyXGl0b7BWMT_OewtS4QpGxzlZ2dwxq7_gnP1b_hhTsLmPDGRkaRaAzjGqeoOGnPDxNyd9iMuH4EjJMGPHXVzHbqFGWC3OR-OpCYdDlsRpQUrq-k5-YPd4arcROyjLKnWIzKitRp5r60-KxGnB7VuFQOfnwsvFe3OKSsRgiFcr_txqxIgNBOPRfesQEnwIZ9zYm0ydDlsVgBUOUr9lAqitsUgBwwVmVJwyDkAaVP7k3TYTlfoLE7ciq0mr5I61NTBKP7OPBgtkqw8IbSWiRd-xpsrZAumIPvPP-wZW9tZEm9jt1bwDTsEK_fBWBHQ4FvUJqF3WCl5sj0TJj2KSxLBUKj5eSaD08XfFMGTBruq3oX7PZnszLnMaWyCp1o4N4Zr_IB_LFpGL1ysi_CbkIspMmXrni0xQFOIctKC_RKVfIIB4BlOadI4PflYiuoORcS8krTOuzoGrY5IwuJigEwgV3MtecWB3MEyC1IoVnXGp6Q--utVb3JLoNvK8ur0BES7f2Dwf4p_blFRtgySYzmIX_8i070vTmL1eZPv3NpzMZiST8Xmjldw&sai=AMfl-YTuiaI4BcEUVUbCT74mjwm0_pHZxkjWz7nD9hU7OXLJ5Bv1O498C_MD3smLl0mNwngrEI0jQh68hpITolhGv_znWG9XhcFcDCsq9rB0hOk9emTBS5m1-9fSI6xUgiGwn8c2VDrm3RbnjwS3fd6pWCTmKaYEx2xNQTYQm8Fx_LWmDqI0XZJK4olgnDtye5K5F1oZEU2sz-APUwq02xrpbkKlTJ4&sig=Cg0ArKJSzBFB_okkSGKIEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=301&cbvp=1&cstd=296&cisv=r20220601.53496&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sat, 04 Jun 2022 03:59:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 dpixel
cms.quantserve.com/ Frame 742D 35 B
464 B 104ms
41ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENDFLyy0Ug4jE0ITw6C9fNk&google_cver=1&google_push=ARnp8GC6l4Sq-cY2y6KKSRftCfgA1sRXR2A__PZ546pg05LhbMkKucLjZfWu3JVVsH8TNpofk2ZXPMqJuww5lh_9yY-9BK2m1QqE

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:44 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 742D 43 B
350 B 100ms
33ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEE8YsuQwHZfpr5nTseSlhAY&google_cver=1&google_push=ARnp8GB_OT2Iqrsc0QcpjXUP-CqBYY18XOhKU-tS9aIMtW1jEZmJj-fKMMqLwTXnltGb3Zo_rFJk1Pw2UqXIpE-wGGsHxj0VJ3rP
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=600&adk=3330954535&adf=1549741390&pi=t.aa~a.865547419~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1654315183&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=300x600&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1512&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280%2C420x280%2C420x280&nras=5&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1175&ady=1517&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=g2u2EOjkSP&p=https%3A//sud.ua&dtd=38
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:44 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 7220bge6de67dnucn63u17oe9bipq1s8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 742D
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sPueI8hZTfKEKg5tXjXqUQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

53ms
52ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sPueI8hZTfKEKg5tXjXqUQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GBVkaBPTFJ5kdu41qQDemjcQlDcJhorC0D8oC_FYoSqNrDZ78S1Ubxy3Txw3mwsNZWOrM2LJhXExx69_0slDDGQN228D8ip

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sPueI8hZTfKEKg5tXjXqUQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GBVkaBPTFJ5kdu41qQDemjcQlDcJhorC0D8oC_FYoSqNrDZ78S1Ubxy3Txw3mwsNZWOrM2LJhXExx69_0slDDGQN228D8ip
date: Sat, 04 Jun 2022 03:59:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 742D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFDx9oT5ujNA6pSC4OCmBjA&google_cver=1&google_push=ARnp8GD1Gk6App94L6mBw3iozjQxEQ7bJBCYiF1meQLRxD0EiQ9tAGrboE05xH4GSufTZAANYbg...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNaQ0pQWkEtMVQtQ01XOQ==&google_push=ARnp8GD1Gk6App94L6mBw3iozjQxEQ7bJBCYiF1meQLRxD0EiQ9tAGrboE05xH4GSufTZAANYbgdlYmqB3dMyvV-6WsWi8nOY_aX

170 B
188 B

69ms
69ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNaQ0pQWkEtMVQtQ01XOQ==&google_push=ARnp8GD1Gk6App94L6mBw3iozjQxEQ7bJBCYiF1meQLRxD0EiQ9tAGrboE05xH4GSufTZAANYbgdlYmqB3dMyvV-6WsWi8nOY_aX

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNaQ0pQWkEtMVQtQ01XOQ==&google_push=ARnp8GD1Gk6App94L6mBw3iozjQxEQ7bJBCYiF1meQLRxD0EiQ9tAGrboE05xH4GSufTZAANYbgdlYmqB3dMyvV-6WsWi8nOY_aX
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 742D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDOePFJYJk1NvsxBfFiDhR8&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YprYsB6HX67YucWFMfKdogAAAr0AAAIB&google_cver=1&google_push=ARnp8GAy__ytYg0A0CRKRo7rd43xkwm1O5Tx2whGQDjZpovo_3AGi7rp7bJUqhCH4t8SbTJkLbfz...

170 B
188 B

67ms
66ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YprYsB6HX67YucWFMfKdogAAAr0AAAIB&google_cver=1&google_push=ARnp8GAy__ytYg0A0CRKRo7rd43xkwm1O5Tx2whGQDjZpovo_3AGi7rp7bJUqhCH4t8SbTJkLbfz8TFkswUNsmnaTITIzteC3Dyv&google_gid=CAESEDOePFJYJk1NvsxBfFiDhR8

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 04 Jun 2022 03:59:44 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YprYsB6HX67YucWFMfKdogAAAr0AAAIB&google_cver=1&google_push=ARnp8GAy__ytYg0A0CRKRo7rd43xkwm1O5Tx2whGQDjZpovo_3AGi7rp7bJUqhCH4t8SbTJkLbfz8TFkswUNsmnaTITIzteC3Dyv&google_gid=CAESEDOePFJYJk1NvsxBfFiDhR8
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 460
Expires: Sat, 04 Jun 2022 03:59:44 GMT

GET
H2 200 trk
ag.innovid.com/ Frame 742D 43 B
297 B 297ms
36ms Image
image/gif 2a05:d01c:1d8:8100:ead7:db0a:c4c5:a8bc
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEKpQgA3fnCzZSLR-m_4uqUo&google_cver=1&google_push=ARnp8GAjAgVOHOWIYvASLXTvLDsbClCDOBvuU2nQR48zuUCAdqD_yPTTCwwa1X7a8rD26I7tW_wjSfB4Jte8lxKltAXPZASXRu65
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=600&adk=3330954535&adf=1549741390&pi=t.aa~a.865547419~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1654315183&rafmt=1&to=qs&pwprc=6541290418&psa=0&format=300x600&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1512&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280%2C420x280%2C420x280&nras=5&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1175&ady=1517&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=g2u2EOjkSP&p=https%3A//sud.ua&dtd=38
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:ead7:db0a:c4c5:a8bc London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:44 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 1
expires: -1

GET googleredir
googlecm.hit.gemius.pl/ Frame 742D 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 742D 0
12 B 82ms
81ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IKbQK8TROYX416dntTRebOyRbxbgXYshS5dmIJ-0uTrw-IDXIY3wDMzOmIBP2eQ7crlzJ68Q

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ Frame 833B 23 KB
23 KB 42ms
41ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:700,400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 31 May 2022 17:08:09 GMT
x-content-type-options: nosniff
age: 298295
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 May 2023 17:08:09 GMT

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ Frame 833B 23 KB
23 KB 51ms
51ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:700,400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 31 May 2022 17:08:09 GMT
x-content-type-options: nosniff
age: 298295
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 May 2023 17:08:09 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D3C8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

70ms
69ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 04 Jun 2022 03:59:44 GMT
expires: Sat, 04 Jun 2022 03:59:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 04 Jun 2022 03:59:44 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js Show response
pagead2.googlesyndication.com/bg/ Frame 9647 36 KB
14 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:46:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54809
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13882
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Jun 2023 12:46:15 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame FBBC 42 B
63 B 75ms
74ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DfGtmfjuX3EpgfQPam6QXOSGO4Es-1-VW00XF-l6SgTr8pPrL09SW3fUnuBM1IZrHO0uEWb-CHYBab8aLA0PDopDF8mV7GHIG5S1X1jvgEqoZAIHk

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=2088074589&adf=3254488898&pi=t.aa~a.3206785817~i.5~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1654315183&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6541290418&psa=0&ad_type=text_image&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rh=350&rw=420&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1513&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280%2C420x280&nras=4&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4919&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=CoToyM4jCZ&p=https%3A//sud.ua&dtd=36

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame FBBC 3 KB
1 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=2088074589&adf=3254488898&pi=t.aa~a.3206785817~i.5~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1654315183&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6541290418&psa=0&ad_type=text_image&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rh=350&rw=420&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1513&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280%2C420x280&nras=4&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4919&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=CoToyM4jCZ&p=https%3A//sud.ua&dtd=36

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:42:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1009
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Jun 2022 03:42:55 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FBBC 138 KB
42 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=2088074589&adf=3254488898&pi=t.aa~a.3206785817~i.5~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1654315183&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6541290418&psa=0&ad_type=text_image&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rh=350&rw=420&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1513&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280%2C420x280&nras=4&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4919&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=CoToyM4jCZ&p=https%3A//sud.ua&dtd=36

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43440
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1654082998712738"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 04 Jun 2022 03:59:44 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/ Frame FBBC 17 KB
7 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220601/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=2088074589&adf=3254488898&pi=t.aa~a.3206785817~i.5~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1654315183&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6541290418&psa=0&ad_type=text_image&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rh=350&rw=420&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1513&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280%2C420x280&nras=4&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4919&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=CoToyM4jCZ&p=https%3A//sud.ua&dtd=36

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:41:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1097
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7351
x-xss-protection: 0
server: cafe
etag: 330450436367057301
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Jun 2022 03:41:27 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame FBBC 0
0 48ms
48ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRqbadSubzYPZH-pQs2vIvYxHjYZjSFu_r3EJySN8bOWRC2CszTUeXvj_u239UJaz3FMPVZTH15EvltSjtcsRRtgcuHtQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=2088074589&adf=3254488898&pi=t.aa~a.3206785817~i.5~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1654315183&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6541290418&psa=0&ad_type=text_image&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rh=350&rw=420&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1513&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280%2C420x280&nras=4&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4919&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=CoToyM4jCZ&p=https%3A//sud.ua&dtd=36
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8118
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHmSSwtHBMz4_ikNxMS_KM4&google_cver=1

43 B
892 B

54ms
53ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHmSSwtHBMz4_ikNxMS_KM4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2M4wEQh7-_nwMY8K6myQEwAQ&v=APEucNVYN8OV1rhkeFKFzt5Q6P4YnYzlXt1OkTV1-1JDoZTsQkSnGXqtiwTuoh2PFYnp5slSZ4iw3wLhd9EMz76EWdhMgBF-FC6dCEdAgfMPlRJWnwPhpls78lu0eLDEy4rgBYcgZTF9UlXK2lV5zTvlMGBAFBlOoESULdk7peI6NRfmpk2oCuI
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 04 Jun 2022 03:59:44 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 04 Jun 2022 03:59:44 GMT

Redirect headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHmSSwtHBMz4_ikNxMS_KM4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8118
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YprYsPjJuGM-cjYNKCUWfAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHmSSwtHBMz4_ikNxMS_KM4&google_cver=1

43 B
892 B

54ms
54ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHmSSwtHBMz4_ikNxMS_KM4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2M4wEQh7-_nwMY8K6myQEwAQ&v=APEucNVYN8OV1rhkeFKFzt5Q6P4YnYzlXt1OkTV1-1JDoZTsQkSnGXqtiwTuoh2PFYnp5slSZ4iw3wLhd9EMz76EWdhMgBF-FC6dCEdAgfMPlRJWnwPhpls78lu0eLDEy4rgBYcgZTF9UlXK2lV5zTvlMGBAFBlOoESULdk7peI6NRfmpk2oCuI
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 04 Jun 2022 03:59:44 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 04 Jun 2022 03:59:44 GMT

Redirect headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHmSSwtHBMz4_ikNxMS_KM4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 8118
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHxNJPdyYp6doeoLcm2ayJY&google_cver=1

43 B
1020 B

35ms
35ms

Image
image/gif

185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEHxNJPdyYp6doeoLcm2ayJY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2M4wEQh7-_nwMY8K6myQEwAQ&v=APEucNVYN8OV1rhkeFKFzt5Q6P4YnYzlXt1OkTV1-1JDoZTsQkSnGXqtiwTuoh2PFYnp5slSZ4iw3wLhd9EMz76EWdhMgBF-FC6dCEdAgfMPlRJWnwPhpls78lu0eLDEy4rgBYcgZTF9UlXK2lV5zTvlMGBAFBlOoESULdk7peI6NRfmpk2oCuI

Protocol

HTTP/1.1

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 04 Jun 2022 03:59:44 GMT
X-Proxy-Origin: 217.138.196.102; 217.138.196.102; 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: c863f245-1339-4439-a14c-d28ccf11c5d4
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEHxNJPdyYp6doeoLcm2ayJY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8118
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQzNzM3NzA2MzIwMTc5OTE1OA%3D%3D

170 B
188 B

59ms
58ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQzNzM3NzA2MzIwMTc5OTE1OA%3D%3D

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 04 Jun 2022 03:59:44 GMT
X-Proxy-Origin: 217.138.196.102; 217.138.196.102; 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: bcaf765d-4dda-4c3a-af0c-d7343c0b664d
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQzNzM3NzA2MzIwMTc5OTE1OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F8E1 640 B
316 B 52ms
52ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2M4wEQh7-_nwMY8K6myQEwAQ&v=APEucNVp1hkbUxyqq2FfyW29W_OOeJ__m4nsZ7cYGHeaL2EQKdmPjc_uxdLhZH0RySjJ6DugImpLa_KfeHrPYKZKP58MiOhW8_z_xqUd1Ya5GcMFdpjF0uVzSX94GrFmgjq2gkXGkEZVznS6V9QpmgwG4uemwXz8RzGU89iPNWMri44cKRUvsko

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=2088074589&adf=3254488898&pi=t.aa~a.3206785817~i.5~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1654315183&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6541290418&psa=0&ad_type=text_image&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rh=350&rw=420&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1513&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280%2C420x280&nras=4&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4919&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=CoToyM4jCZ&p=https%3A//sud.ua&dtd=36

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=2088074589&adf=3254488898&pi=t.aa~a.3206785817~i.5~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1654315183&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6541290418&psa=0&ad_type=text_image&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rh=350&rw=420&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1513&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280%2C420x280&nras=4&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4919&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=CoToyM4jCZ&p=https%3A//sud.ua&dtd=36
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Jun 2022 03:59:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame FBBC 86 KB
33 KB 89ms
88ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Btiuyd6__ltu0FwuV5ebh0nAKtamC5KZ2jO2ciVLkQzmcQyQVC3G0DrdKIF-TyoFLOq3k4jeuHEc354E4U6i-9IXQOU8msQHw4k9AaBFeqcealUfxElJa7ptEPaxas7laWQf_gz8uUSAq55vHOBPyiQ2eBJw&dbm_d=AKAmf-AhL34kvF3AE04PB8vU0LLBBwh3FIRUb0xZ6Dge8n9pTd5j45DhNRTTDCOHCmvSt-yGDUFcEtdUKdOU96yzOLdewAsMSM8D9XjdxOS6Oflu78wDRjso9gCKHqsz4mZxiox4Ck9vTKAeDuxoxKN7UhB-US5PeDO_daKp3jgsdY1Ry8JfXB71aNEIl7YpUUlZPhRUhq3uo2IuTaGit1oAnUlPwQmPpyju1EXl7zZUVitUgDtSFzo1C9EZDeW-JejqUyjoEo5CpNPwQq0N5t_5_C-btXoBanpZbwn2n5Lz4h2UdPOvp7WFh9RDMnnIyfOkSuJwtctl8oBY4IzOvx_MGWVLxQClrtzf6GHNPRKBxfUcXzhuZq1jAz0YDdXQE8TG4XrGcdRvrl_YUT4VSptoirDyVjniLbxVEQsUPfXEFRw7xmCor9vyXvguHfjdz3gKb9wIEuWAuIdIs9ztJSSwciNtfgwM0kJRu6lTne_XIUSpG7C8xBUmdgR6WQbfox8ghO4DevgOy_tB3iHHmQBoh1X213iyqX1s2nD4mRutundcJmSki3uJ1fL4_6y7nTN9mN3WjQuYcE0Z51RjYdhBKq_uJnPtQxNS4tnE5YO8eZT8nQsPXmivHKIKR7lrp-GFXVR1pFjvSohw5KIDyXwuXULC_tmVAumsgUvQu5u-6QDquUW-qOVBGD2vBZoA3pNguGpMaXm9qmOOGDWnTfs-0GFFYQ_khHrZ6i7F36qrAb8p4l-sGTe84iR2O9b7ZZNaHtTpkBwYnyVz4IVZnKUNGt8tIgijUbjYWJUI1O_0wv_dpzCcxOzwAWiohlayZ2lQts4mRNb2B1EqUS4MoqCmsyBv2Hin0K6CU0mzMXWR8C6SgSjevu1l1IULHV5BMGiOKxa1f84Vpqi_Xr7BWjA7kQ69VRknkX8M5v-4iIYda_YRciJU8FVYo_iCO9TsR0KVvhcRnKaGHMCzCfag_bldcaJQ_TQUAOh2GecXl8A3vOfVjk-F01Q6kvi3ICBxaqnDKPm_iB5iL2VHAx1sEu87vEDbghwtuHanLnpVwKDaaTv5t93xu8PxSkzO9HofhSHelUb-f0rXWjqWsCjK98xm08uFt4BKok7KohHVCuVpxtMyG7xdjci9TwZ3_xUBBDeN3BN5mTlYkzwynoCZfC4g695WklLbzLUIr---9kl446mJyWR32UuSp5nzY58o8wKWRCQ0_LlYZHGZ1dwDhIESAk5XrmdrSe1yuD6bYAi7ZiRLImIGJioMJ3OAAXi28xYTGbM8fWSLvaDZ2oiYxOVmRgxw3kLSKD2Aza2bfS-Y0f0mnSP6-AF1f3Ia9Px1Y6AWWR3pdhLFgqm0tqhniJeC6dxx4ENfArmN7vQFG1yrU692fXN78ScSeDouA8Oj19Kh2N7Lqztpmss0zgDlakbB49a9gyI_NmdipqRdaSjncY91cE44Z-1-GSibx4upPhGuYnY9kiimv_QuEc1TZdB9OG92GgSjrz2vt7Do0dLCZKdyYjMsBtTI4QjPFOCeY3PfFLzzyFlKKCFL9bRTsdeOwIIIjt-mWDv6Pa63b0IfjTAI80EYXSZ8erGpP88RMQHrHC9oFDsRiXmoTrANo1jf6aIlmcTC0M2W8qKGeyaYJxui99PBcThYa0ZeJRAjQv9iWPW6hBlxXsOJOR6COBFkJxo_AIJ98oTgjJDY_cyrDF2b4mAn5ndbfmqAGmWmjkS_5iL_M113VOqHnL0xHvglTGnmESYm129DdXzn3XxKNchJ-lyomC0X03MmPuoMbykha2SWL4emCNPeGjXQH0Xo9mKnzCHKAelOdpEa_mYArZA0X8p5vBn-nZDVjlFxUVSpYTrDVexhOHO2Bjqk-wyLcf3muKvcN_tdirVM5hzY8w38JI2lQ6ofX7YVcGIf52WweWms8yuuIPT_a45Dq0pUSmCIZrVIzv5U1Kv0H32xyfc4zIcmxLKzEd9xJxtU6KngAmlDhbfK7AZoFtDhJt53t0MwqLmTElZdGFMnV9n7rWYMhhcmOF1j2PU6VBdal47SImoou8-IDdFE1tyfHaG9KrkZKnpAe-3cxQXUPTDWrhjybBseYEG4bx9Oco5E8BpfZl4jX2ayQB7KplBp4LMH0eMmQkOKi3qvpK-TBgy2Yx55QMZWWToiYJb6kzOjBUo-D3LHi4sqIFwqzmJ05mE172Vy65PMHUJKMu5oBgu3Jiu0zAghGS52sPjWmhZv2JiOfzZdPAss5zxAsIPY7jfCAi8Y3wrOIGw7532n3pfK5rQWVmNOspYjDK70QSbXZ0tAxyoZpN8XO-eb-GE58HbrlLagsxgCr5wohF9kULk6AK2AxprUJAU_FswpcXSlfaWoctbWmPHUHS6P1gu04EsCiSIKt4ZBxwB6n50XK04-pnA1Bsag_kB7CBMHI-9xe_ef7Xd2y-_BMxBUTAuIsdokmq-kfRzT7-pA1KYCxL3-y8QXpYSLT97T5Lp-hja347WpsdM-rp6TuT7NMY3G2JnvLjMs3wCkHjhskD2SJOC7k1-8qkOyrn49v7EBq9vg1ZIea1Z66MdRn1wPCqASIXC_D73E-byRZJjzypyCnTSssUkOamlCTJ0vaz6lvalufUNsbseYWb1RA_RHexTglaaulYxBIZcv1r8vFqvXa5Tz2BQn94mC8qdPtTomeU5vQ9cZdNijAIQ5oY7ZpPBoFMwPDSbglE1bVJXsf6f9X3hw3Oosy78aDHt4dOAvvYA0_oFVuGQnarRo8VqU5surQH906B-HU5TJy_75ATjmIC7VJZxqS_bynQbdcALZY0T3v2UWlJnTeC9XWEP0Hdh8ffukqT1ASIMx04Lbvihwmn_luPrLTWwLT1P-J6Inr8Ob7CFdeR_mnivKsdjwjVdwnlEqb4KxRJClQqp5ELITLPxLn3kgvyuDgEwm41gHjbWTA_4rGF9GUDXJtglobfXBZqH_Sc5oiV28yBZ3dqxMaKrBuQznZdgmYJ3mgp0tBHrDCRVzUPqLl3zLeeWzZ7eVoboapsZIxHQhfpD_F2N0iF7tDvlz2CcegxzaoGacMz1WMKNYmcU9H55L3rzB-fvjfHHPPd5rEinw9P21Ic_fr6Xfnxha2kDXxqeIryqGkId6bO7-apz4zaGqFn9BkpxU1pZLIEwQdG-xCzM2xk3hhBv2IH9VahV12bg_76Oh0x0w-cJGsO5pHCk3nG5dZ4tsR7co7_85yc-s8Mek2On95pMtVgJ35FXrEjnd8ikE4CsXlayP3VunhyDwPxRlV7F9jX-fMmMjNbz5EH7u3X97gfx5C9o09xHuQxNDnsqJetiw3xCNRWal0deqEDQYMHOO--tdBm9ZYtf0X2Gq013qWHFkoJ8iq5vZDuvDs8k2sSDbN5AkT1UOJgvAfXSW3yEKd1d81SJNN4QW9lU8nBZQWlpai3Z0ivWPLKELFOJfFYdoKZRhvGYlRsmc&cid=CAASJeRoy0RocYaAd_QP_r6vMGTup3Is9r706S-_0XYFHofG7tgKv1s&rfl=1%2Chttps%253A%252F%252Fsud.ua%252F%240

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=2088074589&adf=3254488898&pi=t.aa~a.3206785817~i.5~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1654315183&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6541290418&psa=0&ad_type=text_image&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rh=350&rw=420&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1513&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280%2C420x280&nras=4&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4919&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=CoToyM4jCZ&p=https%3A//sud.ua&dtd=36

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4e967b1bb5b38bdbf7201d535967a3c4e4b104dd19f817717f84a0506e6ec66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=2088074589&adf=3254488898&pi=t.aa~a.3206785817~i.5~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1654315183&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6541290418&psa=0&ad_type=text_image&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rh=350&rw=420&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1513&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280%2C420x280&nras=4&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4919&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=CoToyM4jCZ&p=https%3A//sud.ua&dtd=36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34212
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EA78
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

65ms
65ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 04 Jun 2022 03:59:44 GMT
expires: Sat, 04 Jun 2022 03:59:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 04 Jun 2022 03:59:44 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 html_obb_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 3ECB 169 KB
59 KB 127ms
42ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_obb_rendering_lib_200_276.js

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd2056d3c5a5f9a087647154dc26dbed362a61b733a6cbc8d9e5330b4f4d4284

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 16:11:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42486
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60459
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Jun 2022 16:11:38 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220601/r20110914/elements/html/ Frame 3ECB 8 KB
3 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220601/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AYGCRomrsimR7UZOq3FqGSkE2jWVN_kyG0_MQdk7_pDmHcUk2EsMLkxfenGmt6OvFVpNoVW1pf1bf0REt6-Fs7JegEe5gmclbIxDlp1mnfmo8W4zgqfcsUMfyE-RzgD5swYqPllRkI2hh6V3vIvjLk6k0K8Q&dbm_d=AKAmf-Ca4WOWs7pwwkvJ1uQuMbTLDd0r61S3IGa8MZ7WDpTPFS9Calns7pSMzNU7_0eqVM1jvanV3e-K-ozW8egEs5pXTonsdd-isP-p8o2ZWwRTjvFM61Ud1uftDCoMwR9xhw2X1zLvvp1sgO2m01fNHo8Rci7uQwbYKXrZ_Lk9IH0e5wpS-uoK3JROtCSUfGBDQZdbkTmkvgDeOV8-Xz4xKAn98YnoNBoBPyXwIYweEZhjq7Mj8M3fuRBzIEs7RWUodMhRI0ZGBlp-kQywwCEq5e_hE6AEfr9Xh5AJAlOEjUuLghomRsRiEq_2y582uyeHsXNoa9SzAbWFdIkxCr0Xi-HgCXNyrqpp_Xul0hqZ2EYVeP34oKdbc6l7afYuFW9KSA7Xxkcl2fzwQCcNpJ4DY8B6OZtY-coA9goW883UWN9Zp5-_1riZ4hF6A1CQZVzNGQozE0ED1Vac50Uf_fNxzTeu1HNDqEI6bdEhG8NaGLUuN3JfOBwilxxeETguYV4cR81TIS5Ag-2qpDflyKfKwn1kNtzMTSpjevuvMH9G8RbGXixFiK3cbAgB8cxOwo7P-j_Ofj6CGTDaldCeGYMjdAzQi47tNJ7ohRajwUittwGLT80i-7vfJO3yKVa8p2MzzTAGNLIrXi8AQgZGRobzEcnFjScLTfNCBryg_2T1fHS76sJaKNbMh8XEBcnjfG6qVSJWLli__nK1z66zPUyz6JI2iYLqmqztnaxbNdF_bDS_-IuL6bJAAJs89Y0OomYR11sD-Hhkkt_p0Co5aQO2zlUkhxZwo-121Gjplmrx0yIYl6EN1lPReFPwCGvEJYK5jheknsuwm8-4fGPd4rT_sHNZgT1MmSpuNSfAyjOVBQ2sE36gCtXD4oTCgngVwv0Bv9hE1ad1n9Zoq45BKrPOM0oKvO9LE-tBKv88WcTw-s2blOl8jIlzRjrGzSkFjMmBMr3D4D8FE0vWrpfE631O66wVM3XG9SA0XjRr1p44D0-O-adHswG_P5J6S76BAjzEV2OtUfhy8CdIYo4Wq8lW94TZZ_EJ4ahMbrPRQoAHPR7Vx3y1EEWJ-Zdi2fZuqbP0Sp7T3AcP5GAmYJxk-oFZjB9oAjVJMKiEQoFX5ngvBoBJ9s6QkDmG4NLzwzUN087O3-DEaH7MFX7XM7a7bEw9zAV3z8vTrQ29NqtvAGZD2oWEJaxruY3fwegYRmCqCpzdgKYPsuIJzZyHN1IYJ73hSre7eNS03ZPYOmew0JhlLxYteM6TquJnjiJIg3Gt61YSn9EHGKpxNsRei1NsW9rIGq1xUCt81AwqeV5n8CsONW2eV-7Oxaa0P2JUAOyiXKUID5iYM0yTPRosPtzVLO1_9-jJbfv8cgYSqlJQLWgAbdOpuSnqdAPBhddHrXpRlFAlvkUBk1PGacGXj5HoT4FVAs6rthsI0GK-5X_D1F9F8qbcEWvhXqK3fRkK85CuETz90ngeTQURNqclEYPEs5zf0lhEePik7fjbSRLzHaJHtUPcWC6i4fYqfKrDTP1FpQRpzeDwEMuNzIUROT0KsU_JLiV9rAHc2D97iYxPfhwhtrt4qtutQMLJ28Hs8X49sW9C1iW3u8-LmX6jp3kvM1HBU6y14JSJ96tqnOB9c9nhXy6BzIjB9oHu3ktyiK3zKxsOaUqZWWINnKAAN9xF5Or4LklDk8ZkLVGEqMzacfv8TGR1R8-l2nvDpwlyeR4OQclHhIKkTEMyHryrYvdLeRV0vGgjLYjyF5VK1JLV85y2Qv_8q9XV8hom1YLdTJFscQJ8-cl6KGaW2PubVyhV3BJzuXxs552xJe47Yg9q9lGlXla0Hp2GzQXdM9lURRPv1H5OyYzb4-wapTyCZpPF_XOu_WCKMfLWT6yH-xG6mMKI77O4T5P6Jr_Uf49SD9kNbdJTOZ9XqL8Foe_7XULSHvPpmBH4-SJ-xcmUHI3Qc07bHornt3wVdXxq0D1eJ7Vmqf9o6zOh5Nu4T_550vjhNuSY4LubLQlnFWkOadl7x8i0MOK2i-vaZ06y-7ts1QHIA1aBpqTWzvNcOKRLulth4KpjXxCJK9tpZD3cnBmcQTnBCGrsf7rJARDD1pKZymmsMYOEzCwE1c-try5GlXr4EiUdoKJNtq2RBUKJpteNFaLRtkwIVXb7tEDDu4IZsg5y4A224SZSCxfiQ73lHesmi5TGO8NC9HZGBG9afFwezkn3nECk2H4EYd4pvaMfUmcQJAw4h7YNJGyzCt4vADv81zMusFhNdVbD9HMkHMURGT7bD7m-FsKhoAzQhjRFX-d_DtdfqQLIgR-a337-d-uQamfSxQL5Y45SzSHtrzrw8RC2_ZewDZTNplamOkMJSEKQs7Kdrmx2XYVCDBq_-L4Iy6trTE3QNQ7fAnFneoAV5ShVQDgfvDMPiPLD5vAjp4qWrK-cSLHYfsxVP3ycJOWRJN2DskNVBsHxl-oEomNRg--JupVhneKwBrAncOIuzFodj1qehFcUMhXV4aq4ceozu-qbm3_U4vR0cUQ-MFpqx55jDkO_0Fa53ezNa_HYPGnooD7bSjPmHNgj9Sjb67YiLxD2Z5W2XisoVPKNirFl1qUtGqHSjenxNUgxPTjAZmR2lYqrwObj3gy3eLmR13hEKc6b7XAlaUWGjc0drvKuMoG78-s0e5BpcwC52QH3dlnZmCabCl0QI6tRo77CPnV-HScg6tfs5OydIYET10PtVQZruayVzU649QqqPi4xE_msCTyox2fGbcNhTpNra3OgNzMLbAKQ35BDFFZqvltBpVSwBRrrUSNIGTAaXKQCvnLmn3NFASFABGeLs8FosNKi_SvzlSzJcGdv2pdkryE28OosAM-iP1hEmnzJfErOfCROHkB0yDHI90HIiLzlVuwhSYIF6PejeBeUgEndCQrSbPuMf3yKVf9VPYHTNQ4t0gnFW_hBzLIrVVYA9h-oMLwkqCovBHcgBu_NG9jbaaHRJ6dAKqkLnhk-Pc51Ubg7nDVKGdTR_X4UnqpEoVg6Ji2lZsrFDxtakRy1p16JCxCxAQYvI1NQt-kJnW5CPyZPASClW-OlmOUa_4T113273dZUenQT1jaZRMbdCvqR7KNOMh_TxzBmuY16hOyjbfChgr-1SYJpW_gpruii1FyKnzWBAuNBpVb636t8mh8x-iiKdFvGlHgv5p4w1yBkQogkCn87x0skf1i-I--gM5q8JVzPJXQ305mJEw1CaB2LR0cyxH9sN_kYUbSDYaGxfWr7DnIaXIWFmtXhVQiYsM9hr8_D5Ttov3jmrbnQWxaH2VU18rAQL7sH9eCctRadlNIrB9UO7WkFnCmlWteGopRsa65U3ttrNg9To-_B8F60L-A96ZUvcHsiGEykg8CY-9O4mM6e3Dk4oaaDjU6eC4yq63Lqz_4keBnrPR3vjsuVVBL91bLzd9SQnMg3Aam0n31la0ZPXtREe19N69TL5aMs-mT7sD30T6JVKHxmPA&cid=CAASJeRoEU3PXhMhhDsPwfLy1c2QzFj_EZndHF3CJd24a0gXxzJjX_Y&rfl=1%2Chttps%253A%252F%252Fsud.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:47:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 750
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Jun 2022 03:47:14 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220601/r20110914/ Frame 3ECB 27 KB
10 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220601/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

062b2b3b8f216657703d5d3f0f8e00bdc1b786f96df18e2ebe3899d03409783b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:38:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1251
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10536
x-xss-protection: 0
server: cafe
etag: 754631604453815386
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Jun 2022 03:38:53 GMT

GET
H3 200 b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js Show response
pagead2.googlesyndication.com/bg/ Frame E8D1 36 KB
14 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:46:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54809
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13882
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Jun 2023 12:46:15 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame F8E1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO0q4EJnHcRtQ5CdmAvU9eU&google_cver=1

43 B
274 B

64ms
33ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO0q4EJnHcRtQ5CdmAvU9eU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2M4wEQh7-_nwMY8K6myQEwAQ&v=APEucNVp1hkbUxyqq2FfyW29W_OOeJ__m4nsZ7cYGHeaL2EQKdmPjc_uxdLhZH0RySjJ6DugImpLa_KfeHrPYKZKP58MiOhW8_z_xqUd1Ya5GcMFdpjF0uVzSX94GrFmgjq2gkXGkEZVznS6V9QpmgwG4uemwXz8RzGU89iPNWMri44cKRUvsko
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/eecec1e /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:44 GMT
via: 1.1 google
server: OXGW/eecec1e
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO0q4EJnHcRtQ5CdmAvU9eU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame F8E1 43 B
145 B 135ms
34ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2M4wEQh7-_nwMY8K6myQEwAQ&v=APEucNVp1hkbUxyqq2FfyW29W_OOeJ__m4nsZ7cYGHeaL2EQKdmPjc_uxdLhZH0RySjJ6DugImpLa_KfeHrPYKZKP58MiOhW8_z_xqUd1Ya5GcMFdpjF0uVzSX94GrFmgjq2gkXGkEZVznS6V9QpmgwG4uemwXz8RzGU89iPNWMri44cKRUvsko
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/eecec1e /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:44 GMT
content-encoding: gzip
server: OXGW/eecec1e
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame F8E1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEKC6uWlvSqyFojePIWhmQjI&google_cver=1

23 B
172 B

162ms
68ms

Image
image/gif

104.92.106.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEKC6uWlvSqyFojePIWhmQjI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2M4wEQh7-_nwMY8K6myQEwAQ&v=APEucNVp1hkbUxyqq2FfyW29W_OOeJ__m4nsZ7cYGHeaL2EQKdmPjc_uxdLhZH0RySjJ6DugImpLa_KfeHrPYKZKP58MiOhW8_z_xqUd1Ya5GcMFdpjF0uVzSX94GrFmgjq2gkXGkEZVznS6V9QpmgwG4uemwXz8RzGU89iPNWMri44cKRUvsko
Protocol: H2
Server: 104.92.106.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-106-130.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:44 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 04 Jun 2022 03:59:44 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEKC6uWlvSqyFojePIWhmQjI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame F8E1 23 B
172 B 239ms
69ms Image
image/gif 104.92.106.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2M4wEQh7-_nwMY8K6myQEwAQ&v=APEucNVp1hkbUxyqq2FfyW29W_OOeJ__m4nsZ7cYGHeaL2EQKdmPjc_uxdLhZH0RySjJ6DugImpLa_KfeHrPYKZKP58MiOhW8_z_xqUd1Ya5GcMFdpjF0uVzSX94GrFmgjq2gkXGkEZVznS6V9QpmgwG4uemwXz8RzGU89iPNWMri44cKRUvsko
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.106.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-106-130.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:44 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 04 Jun 2022 03:59:44 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H3 200 html_obb_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame FBBC 169 KB
59 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_obb_rendering_lib_200_276.js

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd2056d3c5a5f9a087647154dc26dbed362a61b733a6cbc8d9e5330b4f4d4284

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 16:11:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42486
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60459
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Jun 2022 16:11:38 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220601/r20110914/elements/html/ Frame FBBC 8 KB
3 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220601/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Btiuyd6__ltu0FwuV5ebh0nAKtamC5KZ2jO2ciVLkQzmcQyQVC3G0DrdKIF-TyoFLOq3k4jeuHEc354E4U6i-9IXQOU8msQHw4k9AaBFeqcealUfxElJa7ptEPaxas7laWQf_gz8uUSAq55vHOBPyiQ2eBJw&dbm_d=AKAmf-AhL34kvF3AE04PB8vU0LLBBwh3FIRUb0xZ6Dge8n9pTd5j45DhNRTTDCOHCmvSt-yGDUFcEtdUKdOU96yzOLdewAsMSM8D9XjdxOS6Oflu78wDRjso9gCKHqsz4mZxiox4Ck9vTKAeDuxoxKN7UhB-US5PeDO_daKp3jgsdY1Ry8JfXB71aNEIl7YpUUlZPhRUhq3uo2IuTaGit1oAnUlPwQmPpyju1EXl7zZUVitUgDtSFzo1C9EZDeW-JejqUyjoEo5CpNPwQq0N5t_5_C-btXoBanpZbwn2n5Lz4h2UdPOvp7WFh9RDMnnIyfOkSuJwtctl8oBY4IzOvx_MGWVLxQClrtzf6GHNPRKBxfUcXzhuZq1jAz0YDdXQE8TG4XrGcdRvrl_YUT4VSptoirDyVjniLbxVEQsUPfXEFRw7xmCor9vyXvguHfjdz3gKb9wIEuWAuIdIs9ztJSSwciNtfgwM0kJRu6lTne_XIUSpG7C8xBUmdgR6WQbfox8ghO4DevgOy_tB3iHHmQBoh1X213iyqX1s2nD4mRutundcJmSki3uJ1fL4_6y7nTN9mN3WjQuYcE0Z51RjYdhBKq_uJnPtQxNS4tnE5YO8eZT8nQsPXmivHKIKR7lrp-GFXVR1pFjvSohw5KIDyXwuXULC_tmVAumsgUvQu5u-6QDquUW-qOVBGD2vBZoA3pNguGpMaXm9qmOOGDWnTfs-0GFFYQ_khHrZ6i7F36qrAb8p4l-sGTe84iR2O9b7ZZNaHtTpkBwYnyVz4IVZnKUNGt8tIgijUbjYWJUI1O_0wv_dpzCcxOzwAWiohlayZ2lQts4mRNb2B1EqUS4MoqCmsyBv2Hin0K6CU0mzMXWR8C6SgSjevu1l1IULHV5BMGiOKxa1f84Vpqi_Xr7BWjA7kQ69VRknkX8M5v-4iIYda_YRciJU8FVYo_iCO9TsR0KVvhcRnKaGHMCzCfag_bldcaJQ_TQUAOh2GecXl8A3vOfVjk-F01Q6kvi3ICBxaqnDKPm_iB5iL2VHAx1sEu87vEDbghwtuHanLnpVwKDaaTv5t93xu8PxSkzO9HofhSHelUb-f0rXWjqWsCjK98xm08uFt4BKok7KohHVCuVpxtMyG7xdjci9TwZ3_xUBBDeN3BN5mTlYkzwynoCZfC4g695WklLbzLUIr---9kl446mJyWR32UuSp5nzY58o8wKWRCQ0_LlYZHGZ1dwDhIESAk5XrmdrSe1yuD6bYAi7ZiRLImIGJioMJ3OAAXi28xYTGbM8fWSLvaDZ2oiYxOVmRgxw3kLSKD2Aza2bfS-Y0f0mnSP6-AF1f3Ia9Px1Y6AWWR3pdhLFgqm0tqhniJeC6dxx4ENfArmN7vQFG1yrU692fXN78ScSeDouA8Oj19Kh2N7Lqztpmss0zgDlakbB49a9gyI_NmdipqRdaSjncY91cE44Z-1-GSibx4upPhGuYnY9kiimv_QuEc1TZdB9OG92GgSjrz2vt7Do0dLCZKdyYjMsBtTI4QjPFOCeY3PfFLzzyFlKKCFL9bRTsdeOwIIIjt-mWDv6Pa63b0IfjTAI80EYXSZ8erGpP88RMQHrHC9oFDsRiXmoTrANo1jf6aIlmcTC0M2W8qKGeyaYJxui99PBcThYa0ZeJRAjQv9iWPW6hBlxXsOJOR6COBFkJxo_AIJ98oTgjJDY_cyrDF2b4mAn5ndbfmqAGmWmjkS_5iL_M113VOqHnL0xHvglTGnmESYm129DdXzn3XxKNchJ-lyomC0X03MmPuoMbykha2SWL4emCNPeGjXQH0Xo9mKnzCHKAelOdpEa_mYArZA0X8p5vBn-nZDVjlFxUVSpYTrDVexhOHO2Bjqk-wyLcf3muKvcN_tdirVM5hzY8w38JI2lQ6ofX7YVcGIf52WweWms8yuuIPT_a45Dq0pUSmCIZrVIzv5U1Kv0H32xyfc4zIcmxLKzEd9xJxtU6KngAmlDhbfK7AZoFtDhJt53t0MwqLmTElZdGFMnV9n7rWYMhhcmOF1j2PU6VBdal47SImoou8-IDdFE1tyfHaG9KrkZKnpAe-3cxQXUPTDWrhjybBseYEG4bx9Oco5E8BpfZl4jX2ayQB7KplBp4LMH0eMmQkOKi3qvpK-TBgy2Yx55QMZWWToiYJb6kzOjBUo-D3LHi4sqIFwqzmJ05mE172Vy65PMHUJKMu5oBgu3Jiu0zAghGS52sPjWmhZv2JiOfzZdPAss5zxAsIPY7jfCAi8Y3wrOIGw7532n3pfK5rQWVmNOspYjDK70QSbXZ0tAxyoZpN8XO-eb-GE58HbrlLagsxgCr5wohF9kULk6AK2AxprUJAU_FswpcXSlfaWoctbWmPHUHS6P1gu04EsCiSIKt4ZBxwB6n50XK04-pnA1Bsag_kB7CBMHI-9xe_ef7Xd2y-_BMxBUTAuIsdokmq-kfRzT7-pA1KYCxL3-y8QXpYSLT97T5Lp-hja347WpsdM-rp6TuT7NMY3G2JnvLjMs3wCkHjhskD2SJOC7k1-8qkOyrn49v7EBq9vg1ZIea1Z66MdRn1wPCqASIXC_D73E-byRZJjzypyCnTSssUkOamlCTJ0vaz6lvalufUNsbseYWb1RA_RHexTglaaulYxBIZcv1r8vFqvXa5Tz2BQn94mC8qdPtTomeU5vQ9cZdNijAIQ5oY7ZpPBoFMwPDSbglE1bVJXsf6f9X3hw3Oosy78aDHt4dOAvvYA0_oFVuGQnarRo8VqU5surQH906B-HU5TJy_75ATjmIC7VJZxqS_bynQbdcALZY0T3v2UWlJnTeC9XWEP0Hdh8ffukqT1ASIMx04Lbvihwmn_luPrLTWwLT1P-J6Inr8Ob7CFdeR_mnivKsdjwjVdwnlEqb4KxRJClQqp5ELITLPxLn3kgvyuDgEwm41gHjbWTA_4rGF9GUDXJtglobfXBZqH_Sc5oiV28yBZ3dqxMaKrBuQznZdgmYJ3mgp0tBHrDCRVzUPqLl3zLeeWzZ7eVoboapsZIxHQhfpD_F2N0iF7tDvlz2CcegxzaoGacMz1WMKNYmcU9H55L3rzB-fvjfHHPPd5rEinw9P21Ic_fr6Xfnxha2kDXxqeIryqGkId6bO7-apz4zaGqFn9BkpxU1pZLIEwQdG-xCzM2xk3hhBv2IH9VahV12bg_76Oh0x0w-cJGsO5pHCk3nG5dZ4tsR7co7_85yc-s8Mek2On95pMtVgJ35FXrEjnd8ikE4CsXlayP3VunhyDwPxRlV7F9jX-fMmMjNbz5EH7u3X97gfx5C9o09xHuQxNDnsqJetiw3xCNRWal0deqEDQYMHOO--tdBm9ZYtf0X2Gq013qWHFkoJ8iq5vZDuvDs8k2sSDbN5AkT1UOJgvAfXSW3yEKd1d81SJNN4QW9lU8nBZQWlpai3Z0ivWPLKELFOJfFYdoKZRhvGYlRsmc&cid=CAASJeRoy0RocYaAd_QP_r6vMGTup3Is9r706S-_0XYFHofG7tgKv1s&rfl=1%2Chttps%253A%252F%252Fsud.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:47:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 750
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Jun 2022 03:47:14 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220601/r20110914/ Frame FBBC 27 KB
10 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220601/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

062b2b3b8f216657703d5d3f0f8e00bdc1b786f96df18e2ebe3899d03409783b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:38:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1251
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10536
x-xss-protection: 0
server: cafe
etag: 754631604453815386
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Jun 2022 03:38:53 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 56D0 3 KB
630 B 52ms
51ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:regular

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=5LJkqKfZMV&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

55475f690303f28766cea7ae2214bca689adb1d19426a636ae5f812d30ed88aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 04 Jun 2022 03:30:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 04 Jun 2022 03:59:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 04 Jun 2022 03:59:44 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 56D0 118 KB
40 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=5LJkqKfZMV&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=5LJkqKfZMV&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:04:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57324
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Jun 2022 12:04:20 GMT

GET
H3 200 gsap_3.0.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 56D0 54 KB
22 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.0.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=5LJkqKfZMV&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8154aa9057e3367d9d3e4bb1f85db9645c01fc0690091aadc57dbae849ba3499

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=5LJkqKfZMV&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22005
x-xss-protection: 0
last-modified: Mon, 11 Nov 2019 18:08:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Jun 2022 03:59:44 GMT

GET
H3 200 b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js Show response
pagead2.googlesyndication.com/bg/ Frame 833B 36 KB
14 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:46:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54809
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13882
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Jun 2023 12:46:15 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3ECB 41 KB
15 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=2088074589&adf=726412217&pi=t.aa~a.3883570816~i.5~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1654315183&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6541290418&psa=0&ad_type=text_image&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rh=350&rw=420&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1513&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280&nras=3&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=iFeCT9w7M6&p=https%3A//sud.ua&dtd=32

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 13:52:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50850
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Jun 2023 13:52:14 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E747 1 KB
749 B 42ms
41ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=2088074589&adf=726412217&pi=t.aa~a.3883570816~i.5~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1654315183&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6541290418&psa=0&ad_type=text_image&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rh=350&rw=420&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1513&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280&nras=3&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=iFeCT9w7M6&p=https%3A//sud.ua&dtd=32

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 79560
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Jun 2022 05:53:44 GMT
etag: 48472445140208031
expires: Sat, 04 Jun 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3ECB 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af5359ff7d7aa391237ff09a257e9a1b46b23ac93fb4a9f96740d1f96377cb97

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame FBBC 41 KB
15 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=2088074589&adf=3254488898&pi=t.aa~a.3206785817~i.5~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1654315183&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6541290418&psa=0&ad_type=text_image&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rh=350&rw=420&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1513&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280%2C420x280&nras=4&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4919&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=CoToyM4jCZ&p=https%3A//sud.ua&dtd=36

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 13:52:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50850
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Jun 2023 13:52:14 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D3B2 1 KB
749 B 41ms
41ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=2088074589&adf=3254488898&pi=t.aa~a.3206785817~i.5~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1654315183&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6541290418&psa=0&ad_type=text_image&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rh=350&rw=420&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1513&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280%2C420x280&nras=4&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4919&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=CoToyM4jCZ&p=https%3A//sud.ua&dtd=36

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 79560
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Jun 2022 05:53:44 GMT
etag: 48472445140208031
expires: Sat, 04 Jun 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame FBBC 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a5d824d8b67ec03b98900ce90df283165d90b692781d6a360674041d54ca23bc

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E1E2 22 KB
8 KB 41ms
40ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 50850
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Jun 2022 13:52:14 GMT
expires: Sat, 03 Jun 2023 13:52:14 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E907 0
26 B 163ms
79ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssfKwnfYjm2u6vbbelWPci2FXlhfR62fzpWtqv5BiE_Tx0DKfh8Ap3r-4GuQHDZvgHRuE8Jnceq5wROxjsAVh8nrfrBX9kY9qQ5pKIcRJhFVtyOMwCizN309tbYM2-0FqtvOqytYSLu29AuHpkIVP3qm8ubf42kyuQXM7PIAO_63VZ9xFCEnEldWu4Utjz0IpQsEgRKc5WUrjOMjv9B9qtbJr23FwBLzCW6JgljgCRH4pP5VaKHR_ITkFlESz8sMC4aKyLjyME2wU_9CiLG0_Iuw1szwW3ZSOLu6Q2HxRd-I4rn3pKLzzfrqNs8iBRZbWvF-pvI9ECDjLj7G7NBjHtuTjr2f1ENNINFBPHaC-cFYET-p24OsYcx071gSkX3pZl2TsA0aCvXFZSnVsriHeJCXVLfK9JDd_YN6sxH5T8Hkd4VnvkOpFIHy4B4sskWmLUhNbjmMWJOU5SaBl9GYlkEaWf7sMbRGh8XGNtFL_V5rN3kG1Nr7angNRJyB6a1EJCjqvekX1fxt3RpYSYPMCBXNXrVrEgtVRocklBOq5g-HTvil3wb64gGjKTpTXJA9_Ed3-FDE5_y693RA-J32rZHhtMooK1boOq-53j3xnaS1fpeNqOCcalFvQYDvPcq8qBEV93ishy_4EgKmihmCENgQQO4kRocidYqe5JOHPCA7Dk4mDJucbLSaYCTWiverudyEmrcIYCUpsU0p2fzaXamKEtmsazkFrfhGt0p6Vtr4Rbgts-HYiZC7AmUkZyXGl0b7BWMT_OewtS4QpGxzlZ2dwxq7_gnP1b_hhTsLmPDGRkaRaAzjGqeoOGnPDxNyd9iMuH4EjJMGPHXVzHbqFGWC3OR-OpCYdDlsRpQUrq-k5-YPd4arcROyjLKnWIzKitRp5r60-KxGnB7VuFQOfnwsvFe3OKSsRgiFcr_txqxIgNBOPRfesQEnwIZ9zYm0ydDlsVgBUOUr9lAqitsUgBwwVmVJwyDkAaVP7k3TYTlfoLE7ciq0mr5I61NTBKP7OPBgtkqw8IbSWiRd-xpsrZAumIPvPP-wZW9tZEm9jt1bwDTsEK_fBWBHQ4FvUJqF3WCl5sj0TJj2KSxLBUKj5eSaD08XfFMGTBruq3oX7PZnszLnMaWyCp1o4N4Zr_IB_LFpGL1ysi_CbkIspMmXrni0xQFOIctKC_RKVfIIB4BlOadI4PflYiuoORcS8krTOuzoGrY5IwuJigEwgV3MtecWB3MEyC1IoVnXGp6Q--utVb3JLoNvK8ur0BES7f2Dwf4p_blFRtgySYzmIX_8i070vTmL1eZPv3NpzMZiST8Xmjldw&sai=AMfl-YTuiaI4BcEUVUbCT74mjwm0_pHZxkjWz7nD9hU7OXLJ5Bv1O498C_MD3smLl0mNwngrEI0jQh68hpITolhGv_znWG9XhcFcDCsq9rB0hOk9emTBS5m1-9fSI6xUgiGwn8c2VDrm3RbnjwS3fd6pWCTmKaYEx2xNQTYQm8Fx_LWmDqI0XZJK4olgnDtye5K5F1oZEU2sz-APUwq02xrpbkKlTJ4&sig=Cg0ArKJSzBFB_okkSGKIEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=668&vt=11&dtpt=367&dett=3&cstd=296&cisv=r20220601.53496&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Jun 2022 03:59:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E907 7 KB
5 KB 53ms
53ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=latest&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_obb_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7bf89265ce554758f5d2a9342af55c52c900942aecc5b36c1a297e9a927bbead

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Jun 2022 03:59:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5587
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E747
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFcgr54LKQMtJBKaglrjAM8&google_cver=1&google_push=ARnp8GBp5i6ElXh_pfuZ1EsyBoX7oGodWHZ4ENxw-OBH8rIUGPD7AZ8xrz...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GBp5i6ElXh_pfuZ1EsyBoX7oGodWHZ4ENxw-OBH8rIUGPD7AZ8xrzk9ArIb0UIHyebW0i-DB1oM1AZaBY9NF1uCKUie2Q&google_hm=bZKSpCIDsmq9Qu...

170 B
188 B

61ms
61ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GBp5i6ElXh_pfuZ1EsyBoX7oGodWHZ4ENxw-OBH8rIUGPD7AZ8xrzk9ArIb0UIHyebW0i-DB1oM1AZaBY9NF1uCKUie2Q&google_hm=bZKSpCIDsmq9QuSWc7mJpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=2088074589&adf=726412217&pi=t.aa~a.3883570816~i.5~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1654315183&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6541290418&psa=0&ad_type=text_image&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rh=350&rw=420&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1513&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280&nras=3&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=iFeCT9w7M6&p=https%3A//sud.ua&dtd=32

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GBp5i6ElXh_pfuZ1EsyBoX7oGodWHZ4ENxw-OBH8rIUGPD7AZ8xrzk9ArIb0UIHyebW0i-DB1oM1AZaBY9NF1uCKUie2Q&google_hm=bZKSpCIDsmq9QuSWc7mJpg
pragma: no-cache
date: Sat, 04 Jun 2022 03:59:44 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E747
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DARnp8GCu98SzkCXq23k41lBC14mjThnmhjoeXXRWOpm...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXByWXNBQUFCUjVMYW5sZA&google_push=ARnp8GCu98SzkCXq23k41lBC14mjThnmhjoeXXRWOpmUX10F3kAx8N7x4_-GvGFWJhU9y4ruZ5b_yOu-Nvwrqrm_bP7sJ7eKAL0

170 B
188 B

57ms
56ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXByWXNBQUFCUjVMYW5sZA&google_push=ARnp8GCu98SzkCXq23k41lBC14mjThnmhjoeXXRWOpmUX10F3kAx8N7x4_-GvGFWJhU9y4ruZ5b_yOu-Nvwrqrm_bP7sJ7eKAL0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=2088074589&adf=726412217&pi=t.aa~a.3883570816~i.5~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1654315183&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6541290418&psa=0&ad_type=text_image&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rh=350&rw=420&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1513&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280&nras=3&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=iFeCT9w7M6&p=https%3A//sud.ua&dtd=32

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXByWXNBQUFCUjVMYW5sZA&google_push=ARnp8GCu98SzkCXq23k41lBC14mjThnmhjoeXXRWOpmUX10F3kAx8N7x4_-GvGFWJhU9y4ruZ5b_yOu-Nvwrqrm_bP7sJ7eKAL0
Date: Sat, 04 Jun 2022 03:59:44 GMT
Server: Apache
Connection: keep-alive
Content-Length: 390
Content-Type: text/html; charset=iso-8859-1

GET
H3 200 466606.gif
id.rlcdn.com/ Frame E747 42 B
60 B 40ms
38ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DARnp8GCtBPDX54gcreCJlU17FQ6LSCN7i7FTPUwPaTTaSXlAisbPIzqXMORf8DYyGkhigkrJ1LnMh6wompbiTtSZExmcgPvHujE&google_gid=CAESEAZtouVyvLkiqCJsivsaF0s&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=2088074589&adf=726412217&pi=t.aa~a.3883570816~i.5~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1654315183&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6541290418&psa=0&ad_type=text_image&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rh=350&rw=420&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1513&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280&nras=3&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=iFeCT9w7M6&p=https%3A//sud.ua&dtd=32
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Jun 2022 03:59:44 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H3 200 dds
rtb.openx.net/sync/ Frame E747 43 B
64 B 66ms
34ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEKPKJsmDoEnD_IhNtqRxVwk&google_cver=1&google_push=ARnp8GAQ70KuqTaaO7gVO-o30_lQWaJEn2QHmt4fGs4xUqvfFHWUqEEcfnjWfdChxusJMz8u7Wb0bL_zTJWLynORs_142orVL7I
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=2088074589&adf=726412217&pi=t.aa~a.3883570816~i.5~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1654315183&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6541290418&psa=0&ad_type=text_image&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rh=350&rw=420&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1513&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280&nras=3&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=iFeCT9w7M6&p=https%3A//sud.ua&dtd=32
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:44 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 7mk3eo2khtji6bnk1tdkdric8eb3h6ms

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E747
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WR5Bp99rRf6YPATYcQrEig%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

52ms
52ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WR5Bp99rRf6YPATYcQrEig%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GDCGCsgOBdPM9Pb2_2HDS1g2M1uM0u45OA_iHwvl_R-4PB3b2Hws04euhD-pNk5ualwrjt4ONn_ceEMWBpAfGsFkhj6vpw

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WR5Bp99rRf6YPATYcQrEig%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GDCGCsgOBdPM9Pb2_2HDS1g2M1uM0u45OA_iHwvl_R-4PB3b2Hws04euhD-pNk5ualwrjt4ONn_ceEMWBpAfGsFkhj6vpw
date: Sat, 04 Jun 2022 03:59:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E747
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFYgX40I-661zvN8dYCH6a0&google_cver=1&google_push=ARnp8GBTdrAlqIGNXSyRqjkc0sqfm28twzHEnXZjwPlJSSDi9spH1Jla_JMi-IP8pxxfXP1fBsC...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNaQ0pRNVQtMTctSkhPSg==&google_push=ARnp8GBTdrAlqIGNXSyRqjkc0sqfm28twzHEnXZjwPlJSSDi9spH1Jla_JMi-IP8pxxfXP1fBsCGkwJ6xgu1s4sRkQCJC-pJavw

170 B
188 B

54ms
54ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNaQ0pRNVQtMTctSkhPSg==&google_push=ARnp8GBTdrAlqIGNXSyRqjkc0sqfm28twzHEnXZjwPlJSSDi9spH1Jla_JMi-IP8pxxfXP1fBsCGkwJ6xgu1s4sRkQCJC-pJavw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=2088074589&adf=726412217&pi=t.aa~a.3883570816~i.5~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1654315183&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6541290418&psa=0&ad_type=text_image&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rh=350&rw=420&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1513&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280&nras=3&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=iFeCT9w7M6&p=https%3A//sud.ua&dtd=32

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNaQ0pRNVQtMTctSkhPSg==&google_push=ARnp8GBTdrAlqIGNXSyRqjkc0sqfm28twzHEnXZjwPlJSSDi9spH1Jla_JMi-IP8pxxfXP1fBsCGkwJ6xgu1s4sRkQCJC-pJavw
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E747
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOQ1_NxmE09FXOW_hnHPzlg&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YprYsPjJuGM_cjYNKCUWfAAAAqYAAAIB&google_gid=CAESEOQ1_NxmE09FXOW_hnHPzlg&google_cver=1&google_push=ARnp8GCVbFL3gzGF497QS-x7ICwGal8lvbzNR...

170 B
188 B

50ms
50ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YprYsPjJuGM_cjYNKCUWfAAAAqYAAAIB&google_gid=CAESEOQ1_NxmE09FXOW_hnHPzlg&google_cver=1&google_push=ARnp8GCVbFL3gzGF497QS-x7ICwGal8lvbzNRMnuuealdYmsYmFX1x7RiZFpUfxf1141wcC4KjM3Z-yAVwGGk6_KywPxsHjLx08

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=2088074589&adf=726412217&pi=t.aa~a.3883570816~i.5~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1654315183&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6541290418&psa=0&ad_type=text_image&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rh=350&rw=420&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1513&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280&nras=3&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=iFeCT9w7M6&p=https%3A//sud.ua&dtd=32

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 04 Jun 2022 03:59:44 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YprYsPjJuGM_cjYNKCUWfAAAAqYAAAIB&google_gid=CAESEOQ1_NxmE09FXOW_hnHPzlg&google_cver=1&google_push=ARnp8GCVbFL3gzGF497QS-x7ICwGal8lvbzNRMnuuealdYmsYmFX1x7RiZFpUfxf1141wcC4KjM3Z-yAVwGGk6_KywPxsHjLx08
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 459
Expires: Sat, 04 Jun 2022 03:59:44 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame E747 0
12 B 50ms
49ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KgRz0DqFTVy0ImeLH5wN2svQmaxdvBn1kzoCU0Ur8jYSg8RSxmRszNJajhSaN4PHoF3J8t

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=2088074589&adf=726412217&pi=t.aa~a.3883570816~i.5~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1654315183&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6541290418&psa=0&ad_type=text_image&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rh=350&rw=420&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1513&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280&nras=3&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=iFeCT9w7M6&p=https%3A//sud.ua&dtd=32

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/5825321732835115008/ Frame F73E 92 KB
25 KB 50ms
50ms Document
text/html 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=B0sNfgdfqQ&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_obb_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ddc95507676c16045fd509f101f5dfe5e57b1c28a5b55cebe9b857deb7f7d49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 04 Jun 2022 03:59:44 GMT
expires: Sun, 04 Jun 2023 03:59:44 GMT
last-modified: Wed, 27 Apr 2022 09:23:48 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3ECB 0
27 B 163ms
93ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst5Otf0PeovQrowyjPrytrvd7KeIFqcGggprcuvfkpqHjPb0io3M7ch0C_Kni5RbR1j8_qJRsRddidUIti6vPTywIFTuB-eaXFScD73M8kRgVBimly94pDY0pCCe4nO3uX3gWx3zw5d53qJ9Su41Rt4gEt4T0OPdZKgKFo_6FT0NnDJPF3rBUtW9JkaU9BsYz9fVglXI9R8rNL0s-i3tmIAEDerizau9Q0nNHiJh6oFS3xBa2qcDNd0NSeA91NE5K5L-sqkwZzI6tD43B-WvVQtAvVD9hrMWs-G030XT0rTgyn-2_YUsx35Ks8WfbIQVacMQxa6CGDX64D-FwgQMgQv1GTNLCzXuXrF-gCh9URAFVE44teR4GAZyXDjT9f8nKN3oYeuElliAhvfjkuWG-6L-L_jTY4_zFpGTqq2rXX36BBhnw-g1Owmt1BS5BL1wfKXOrd6MBtqvWAtE_KG_hnE-YQLiDXxaCJJVue3oU9S9Yi2SR0NqDolnKNRtOT7j4kNXNUAy55ydHOZwAbki5Dm0jfHbqsU1z_xNdvIAhdU-9mbitEDOY4VCgzBKhg2RAa1zq4S7ZUB42RfHuHMS9sCH8ycHJGo6kwd27favNdwXO9ABc8KQoeRJ0fmMU-chUsyhfFObxFxGwQbhmEPHlaK1rlUPSD1Oh9IVr-9gRmEDwjZBPNa-DhGwBOEfrXabhlsOU9pmhFoDiHtYE18NaO9Ee1PIUBoT4XCGgOcwpIg4X95zCBPK3q7FKDxPo-M3HhNlU56rz7cNcToC3fLJsfpP_955In1lx7kmGeLC9LBExeXsFHkLGmVHliNnzGT4FzTq4zW11acOx4gczvs09Cn6G8Ii43e3tToIMM58Rbr26IhYVBDcOVkFVI_zRSbvmV99rf-8H-30tz0jpWmhsIhNgRiAWXGL88vWiWQzgD7qFo8paw_ccoVaZydTUFo93ID-EJWuwwwDog_qAJYQPFCnaeZGgHS3ETWIDo5b9gBMVFS0WHnhzg-6LKEFB-EtQuyYwhp7Rrvvu_y_ACOILBzk91ksjSKGWNVa9DKnkEPrC7P1UwimL4jIXrfetrt1I14Z0_G-miZYssc22OYoAKpZw-7UFazdJ6-igSPimQxOv-ETEDyOGpDHZVQs7lHRWtbwhlJ7q8dxrrqWXl541a2DVTj1DzITasJeOZfIfLyOZoi_IBVjqQWRazjZ6AkS1IXTzwxRv43cbwpUCdQHhcVXi56LfQFge6a0D1NnTdN-uFMcHFxeNFuAzyWF9-m1N-FIL7OZ-wRVCvlamV1OcKCOea-pp4-iYgfiTsRlMQoZRrRtp8&sai=AMfl-YQloRLZvwB2MYhYgL5y1P0vgqdgqN-hHh8CU3qdHduX9xeG85B8_9eSYM61g2lg4DJdz72yncafI0ZCTD8Z7EMgKMYSoS_TbImDONQHYWXikHRFslka_SUDrTdTB4vm-v_bt47VUquJdV9H0G6Lo8QH2e6XsCogvr7JcTLfcg8hNWoAycEJdaXFQ2-WEZXwMo19H8K_5zL-08mEACZ7NStVvYo&sig=Cg0ArKJSzFCRlZODVJ_NEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=294&cbvp=1&cstd=290&cisv=r20220601.33871&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sat, 04 Jun 2022 03:59:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/5825321732835115008/ Frame 4CB1 92 KB
25 KB 50ms
50ms Document
text/html 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=vO15wzw2A0&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_obb_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ddc95507676c16045fd509f101f5dfe5e57b1c28a5b55cebe9b857deb7f7d49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 04 Jun 2022 03:59:44 GMT
expires: Sun, 04 Jun 2023 03:59:44 GMT
last-modified: Wed, 27 Apr 2022 09:23:48 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame FBBC 0
27 B 148ms
85ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstUIyC4QufNpq33lThh5bvBKVCtUJupRWafT_UrrYtBkQD7uR0AFdtFwni1Fw-kgcjKuyfDw0XuKru9rsTqk7nCnFU3zs0FjqvBAqOO2TKEhXCiUaETbCXUk8hM0fEmuNC1IvMG4AFBEYVSZAABrYFkcOLOmbWvJTCsX-0oAEB6esUJYz__MTQKV9uWk3zeAGXyMlpIkKGpVj5nWER3GXVNs0We4SJwKwrKhTaUl5L02gJZp5Chmml4nj6IZhvI8p4oHmY6skcsEZziY_PyowpPAI43vU0ekxox0FP3R7GfZ0ce_nk72shQ6aMI7wP52noifn4D5zGYyGb1Ll7dEQno6ta--LZ7AD-7LkP5kInHPWFTChNmqOD4dBHKrMtuyIz2NaojcA71VmzwdNdffrRDyDp-cEWrOBnXmoO_p6553ajiSOA19yZ3BIzkodqmE71df-B6aEosSKEeUacIM-h_i7I0TYieYgkfqCcft-t-_1YrlC6YZVM34KrpsjVOxEibG3jcNXTVldRzFSKT7y7sSc1iMY7JwkdDNVpPZXdvFBs3bJSnyfdH5WJEUrph7MeRRW8Kihga1ESBMFWk1ByOAEkl1fTkY6-uQn0mwnPjyzusSVg2BmYQe6cBr9dQALwqPTigTZDs7cr6aSQ0us87mzDpuaW4JgVxurQ3FhYqNOfH_dN5Aky2wjvqUl8XFVtWCLfN-oJPT3cMABJRD0wH1AAcosPMx2_2K8aU4cb6l3nTPtQo7_B4QBFu1feYtB4YIlfkBN4Q-fxKCx8A4Ib9tCKe3anrM3o6m-I069bJuvpLSk7lZ85hmWwqUkr3BtZiO9WwMNJZIF8BCV6cf3PP9VykUEifSkwWOUkgpgbq0SGoxYzeL9qIG5nzCcqgyIOdHdVIoNhmWY9q0rfkPzR9EKsd1G-kVvIKvNm6lGwRdKXcQoZkzti75gRqXSM0uavNiz-MvpBDQl9uF8DGrnoQAGSDiWDwtD9AKMv-wojfaOMZPjZ23ZyXremTIWZwdIEr6u-lI-ZIyQu29XB6nskKVZi_3GLRRXR-BfPWLmG_5lxah7dB5hUvCw-qNAAQscA4GbZskmZnixypgix8OvDrxG2s_hvWh_HhCX8GLMkvft8Mqjjc7NYoUXybwJWVp9TZbiCEBfPpKclhoIPQInny_2mgO8j44KFOVdfcqwCZDhaFc8WduWqHscbStofXjfvnJLFG2iRGLFhO1kFWOq5n0ojrNgXbIZF9owEO0HSzblbfSqE16F6bFfreFvqFLVAHx1wYgt7LyjNoKLEckUWeeG8fFsmodLq6FUomRw&sai=AMfl-YTug07v6oGUz9RRqAhOOqkNocPGlXANFWC5zd53Kfkon4Atnjn5am5s8P7F5hU7Qerw9tR6JxVNn1LwBOWA-86-l_4LK_qt5AS0QeWPwPLtnd4paZ1q-2Mnm5zIPHT7hEHUw8p6rIl1-c7bBuM5z0Hwwikej53uXV9JXcFAmbjSsgCGlMFvGvcZGHxKXyLJf22nDhUQryh9KziLv2OSSmKV774&sig=Cg0ArKJSzNEy7B_YNdqSEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=196&cbvp=1&cstd=192&cisv=r20220601.04876&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sat, 04 Jun 2022 03:59:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3E3F 22 KB
8 KB 41ms
40ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 50850
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Jun 2022 13:52:14 GMT
expires: Sat, 03 Jun 2023 13:52:14 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D3B2
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGOSd4DwO5RXkY8jpXut47s&google_cver=1&google_push=ARnp8GAFFYiUHGfxyZfOZCOpEJ9__0dQIxS76qqGhvcmiwf-eu02sq7kYb...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GAFFYiUHGfxyZfOZCOpEJ9__0dQIxS76qqGhvcmiwf-eu02sq7kYbfhPBELbuFGvPB2JPCcwRSYkK5Yd11HwIcOf9NMorHJ&google_hm=bZKSpCIDsmq9...

170 B
188 B

51ms
51ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GAFFYiUHGfxyZfOZCOpEJ9__0dQIxS76qqGhvcmiwf-eu02sq7kYbfhPBELbuFGvPB2JPCcwRSYkK5Yd11HwIcOf9NMorHJ&google_hm=bZKSpCIDsmq9QuSWc7mJpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=2088074589&adf=3254488898&pi=t.aa~a.3206785817~i.5~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1654315183&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6541290418&psa=0&ad_type=text_image&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rh=350&rw=420&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1513&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280%2C420x280&nras=4&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4919&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=CoToyM4jCZ&p=https%3A//sud.ua&dtd=36

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GAFFYiUHGfxyZfOZCOpEJ9__0dQIxS76qqGhvcmiwf-eu02sq7kYbfhPBELbuFGvPB2JPCcwRSYkK5Yd11HwIcOf9NMorHJ&google_hm=bZKSpCIDsmq9QuSWc7mJpg
pragma: no-cache
date: Sat, 04 Jun 2022 03:59:44 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 sync
odr.mookie1.com/t/v2/ Frame D3B2 43 B
61 B 73ms
41ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEAhieyC-wdTGtXdiWBrxYcI&google_push=ARnp8GAh04s2d_V_Pl-aK0-pfFVE2GtTLH70CEn-qsoCIKEdLe5Lid0RqIBRLD_-E3xSK1DKTzwcZrIGnQ6HUQkOfxjADt_9ddVm&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=2088074589&adf=3254488898&pi=t.aa~a.3206785817~i.5~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1654315183&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6541290418&psa=0&ad_type=text_image&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rh=350&rw=420&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1513&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280%2C420x280&nras=4&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4919&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=CoToyM4jCZ&p=https%3A//sud.ua&dtd=36
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:45 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame D3B2 43 B
64 B 35ms
32ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEDVxPTVHF2RPat8BhZRvgAw&google_cver=1&google_push=ARnp8GBhd7dsCh5hIlC51xrL8YcQLzD0reEgCqzQcFRdvJBgRvaULslOmqincjLvsfWI5miyq_CJ8pauAytrxYtgzBEsc14C1uAb
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=2088074589&adf=3254488898&pi=t.aa~a.3206785817~i.5~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1654315183&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6541290418&psa=0&ad_type=text_image&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rh=350&rw=420&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1513&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280%2C420x280&nras=4&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4919&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=CoToyM4jCZ&p=https%3A//sud.ua&dtd=36
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:44 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: va754h3hc3sjnb0ps80lmkbfnj47t5g1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D3B2
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IX3N7wYLQ6SFWK1lU2AT-Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

51ms
51ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IX3N7wYLQ6SFWK1lU2AT-Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GBHrA0Jmns4mU1UTrpXKyRXv68xhvQ0kOEIaBnljt_irOB-awWAcAq8aG81nReKdUX2WYapa1yor20oM1YbJEtRl2ZEj3NY

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IX3N7wYLQ6SFWK1lU2AT-Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GBHrA0Jmns4mU1UTrpXKyRXv68xhvQ0kOEIaBnljt_irOB-awWAcAq8aG81nReKdUX2WYapa1yor20oM1YbJEtRl2ZEj3NY
date: Sat, 04 Jun 2022 03:59:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D3B2
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEF3ZYSrcefcNhcbv4PitQZQ&google_cver=1&google_push=ARnp8GATRelj1LAHJm7XGtzKQzz-W9Lbg2puKhNhhf99Fe_dGRIyjcjY5DZmzSY0Uod4SMbC5U2...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNaQ0pRN0MtMjUtMUxMRw==&google_push=ARnp8GATRelj1LAHJm7XGtzKQzz-W9Lbg2puKhNhhf99Fe_dGRIyjcjY5DZmzSY0Uod4SMbC5U2t3VUUQCUECzYiykRyvF37MWza

170 B
188 B

51ms
51ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNaQ0pRN0MtMjUtMUxMRw==&google_push=ARnp8GATRelj1LAHJm7XGtzKQzz-W9Lbg2puKhNhhf99Fe_dGRIyjcjY5DZmzSY0Uod4SMbC5U2t3VUUQCUECzYiykRyvF37MWza

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=2088074589&adf=3254488898&pi=t.aa~a.3206785817~i.5~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1654315183&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6541290418&psa=0&ad_type=text_image&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rh=350&rw=420&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1513&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280%2C420x280&nras=4&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4919&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=CoToyM4jCZ&p=https%3A//sud.ua&dtd=36

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNaQ0pRN0MtMjUtMUxMRw==&google_push=ARnp8GATRelj1LAHJm7XGtzKQzz-W9Lbg2puKhNhhf99Fe_dGRIyjcjY5DZmzSY0Uod4SMbC5U2t3VUUQCUECzYiykRyvF37MWza
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D3B2
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAdRORfSKabCIRyiZRupT_U&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YprYsPjJuGM_cjYNKCUWfAAAAqYAAAIB&google_cver=1&google_push=ARnp8GASlsJi8uRM2eZllZGMT9vUZ_Qq2_oRGHNd1S3BvJvqHoSvwB7EGzdXM-tHZAkmFqdQykij...

170 B
188 B

53ms
52ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YprYsPjJuGM_cjYNKCUWfAAAAqYAAAIB&google_cver=1&google_push=ARnp8GASlsJi8uRM2eZllZGMT9vUZ_Qq2_oRGHNd1S3BvJvqHoSvwB7EGzdXM-tHZAkmFqdQykijDoQS9Gx1Q4emxZuZiejq858&google_gid=CAESEAdRORfSKabCIRyiZRupT_U

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=2088074589&adf=3254488898&pi=t.aa~a.3206785817~i.5~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1654315183&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6541290418&psa=0&ad_type=text_image&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rh=350&rw=420&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1513&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280%2C420x280&nras=4&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4919&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=CoToyM4jCZ&p=https%3A//sud.ua&dtd=36

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 04 Jun 2022 03:59:45 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YprYsPjJuGM_cjYNKCUWfAAAAqYAAAIB&google_cver=1&google_push=ARnp8GASlsJi8uRM2eZllZGMT9vUZ_Qq2_oRGHNd1S3BvJvqHoSvwB7EGzdXM-tHZAkmFqdQykijDoQS9Gx1Q4emxZuZiejq858&google_gid=CAESEAdRORfSKabCIRyiZRupT_U
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 459
Expires: Sat, 04 Jun 2022 03:59:45 GMT

GET googleredir
googlecm.hit.gemius.pl/ Frame D3B2 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame D3B2 0
12 B 50ms
49ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J3UySSZyqN0DG2-aSYvyTcYRXuZvNt5wRRmsw6pOcrX4GfjYf6ZLDggsEjC8eYcmtzL-u2OA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2535113839332652&output=html&h=280&adk=2088074589&adf=3254488898&pi=t.aa~a.3206785817~i.5~rp.4&w=420&fwrn=4&fwrnh=100&lmt=1654315183&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6541290418&psa=0&ad_type=text_image&format=420x280&url=https%3A%2F%2Fsud.ua%2F&fwr=0&pra=3&rh=350&rw=420&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654315183695&bpp=1&bdt=1513&idt=-M&shv=r20220601&mjsv=m202205310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc3ee78b4465a2653-226de67da6cd003e%3AT%3D1654315183%3ART%3D1654315183%3AS%3DALNI_MbX2ZM7E7EwKCzHGrAkj5aeavbQOg&prev_fmts=0x0%2C420x280%2C420x280&nras=4&correlator=262224705843&frm=20&pv=1&ga_vid=715736791.1654315183&ga_sid=1654315183&ga_hid=1528959078&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4919&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793&oid=2&pvsid=4226210653489786&pem=888&tmod=133299312&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=CoToyM4jCZ&p=https%3A//sud.ua&dtd=36

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:45 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 56D0 7 KB
6 KB 55ms
55ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

efe3bcc765b2dd7327d19ad8c49576b39896a2302ebeba30df7be531511005cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Jun 2022 03:59:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5657
x-xss-protection: 0

GET
H3 200 prod_studio_01_247_configurablemodule.js Show response
s0.2mdn.net/879366/ Frame 56D0 31 KB
10 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/prod_studio_01_247_configurablemodule.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8460aaf36b73e229c6b0fcaf7bac791e23c3145e87de6a04d0d91541e39289b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=5LJkqKfZMV&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 23:54:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14725
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10616
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Jun 2022 23:54:20 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E907 17 KB
6 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_obb_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 04 Jun 2022 03:59:45 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F73E 3 KB
630 B 50ms
50ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:regular

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=B0sNfgdfqQ&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

55475f690303f28766cea7ae2214bca689adb1d19426a636ae5f812d30ed88aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 04 Jun 2022 03:59:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 04 Jun 2022 03:59:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 04 Jun 2022 03:59:45 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame F73E 118 KB
40 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=B0sNfgdfqQ&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=B0sNfgdfqQ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:04:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Jun 2022 12:04:20 GMT

GET
H3 200 gsap_3.0.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame F73E 54 KB
22 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.0.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=B0sNfgdfqQ&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8154aa9057e3367d9d3e4bb1f85db9645c01fc0690091aadc57dbae849ba3499

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=B0sNfgdfqQ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22005
x-xss-protection: 0
last-modified: Mon, 11 Nov 2019 18:08:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Jun 2022 03:59:45 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4CB1 3 KB
630 B 52ms
52ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:regular

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=vO15wzw2A0&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

55475f690303f28766cea7ae2214bca689adb1d19426a636ae5f812d30ed88aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 04 Jun 2022 03:38:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 04 Jun 2022 03:59:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 04 Jun 2022 03:59:45 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 4CB1 118 KB
40 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=vO15wzw2A0&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=vO15wzw2A0&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:04:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Jun 2022 12:04:20 GMT

GET
H3 200 gsap_3.0.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 4CB1 54 KB
22 KB 85ms
85ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.0.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=vO15wzw2A0&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8154aa9057e3367d9d3e4bb1f85db9645c01fc0690091aadc57dbae849ba3499

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=vO15wzw2A0&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22005
x-xss-protection: 0
last-modified: Mon, 11 Nov 2019 18:08:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Jun 2022 03:59:45 GMT

GET
H3 200 b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js Show response
pagead2.googlesyndication.com/bg/ Frame E1E2 36 KB
14 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:46:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54810
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13882
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Jun 2023 12:46:15 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 56D0 17 KB
6 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 03:59:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 04 Jun 2022 03:59:45 GMT

GET
H3 200 b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js Show response
pagead2.googlesyndication.com/bg/ Frame 3E3F 36 KB
14 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:46:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54810
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13882
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Jun 2023 12:46:15 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E8D1 0
20 B 76ms
76ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BBw4SsNiaYu7nCNLE7_UPgZqRyAsAAAAAOAHgBAI&bg=!MDOlM3fNAAao8wy8iPM7ACkAdvg8WkcL6URZ3ZYLmoMCmvZzB8Z0ztKWB-EsrJj3GVAwysHJl4F-sgIAAAEGUgAAAAJoAQeZArfrOjv47I6u-E__jYdt5yBB1GGJKlSTRNv9FHCy2exPVeKss7wUfhNA0IRZI_OM9B82jkJPvVasI413wzldEWCGZ3ecuHQCXjOrx28yf3qvEpk3GJPMfOTcZxNZNyR1ZCZlRSxMZhooSUVBHBq-ovKrnK2fn9O65V6q6YCbey3FPceWNqhy51J3785hjYOzBtdnfLuHax4rZqoGqk463m7bY14JTSH_ogAJHf-htYwH531giac97ZxsZtovvQh6DXcEQpyJ2IkF4L8BgFqApusQvkzn-GNomZGez4hTPVAuiCbJIRrnF8b1xZRqx-ML4MUvNfe8r2MzKQ7xATr6HJergWMv_XbLFcsSwZQh0ArV02AGwX8TAZq7GQ0LwvVuq1_NJVZjjt2Y7TdtpHUG8wfYdLnmbrLGzGm3REqeHdNO_lzLZ9IoyHK801TexK9OZ8yHdl0TlHWVfOg-vneP0CYJ-6idOXSu9vigmXhJhj9a4cfQXHmYJDeN6UbHlTe7anPyT7ixrOqTk8ej-TBw6hfS6Ji1jc4SeaeHCTAnza-FEGPM3VRMZLQL8oAE3CVFpnNden9JTdmTfnn2OhevFap5vjmGSXT9GmnpitxBDZ-4y4nUPslzoQjtPCMt3_3oEN_eCs_FcvcNyFq8WTb5HNYyT6FUaNs875VQhe8At-2Nu6DUAh7OwpWYZODtIwTHITJzvsrgFVN7aCJXUCR4R52bYsoEae6ElBdDUyszX9YPPvzCFR1KxlKQCgrXZxr9V5rKG3V_Nr2P5fjezaxGHpIdYN16zHDqm98O74Xyu1ZnyzJBwUbFztuFNgoTeeicjtatEqsZ96OL-vv8_Hbn0wypOv3XIyJHdC9btE7Sl-s3qzflYcSUo5qYrtEngeH9XR2h63HvgPJb6sYTTht_k7F92t3zYwgsyg

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 03:59:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js Show response
pagead2.googlesyndication.com/bg/ Frame 21A2 36 KB
14 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:46:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54810
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13882
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Jun 2023 12:46:15 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/5825321732835115008/ Frame 56D0 2 KB
1 KB 42ms
41ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5825321732835115008/logo.svg

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0fe0dabaf5e69e88b98234e97cdd6b5dd26560b787c051167a3e9eddfbc284c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=5LJkqKfZMV&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 22:07:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107543
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1030
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 09:23:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 02 Jun 2023 22:07:22 GMT

GET
DATA 200
OK truncated
/ Frame 56D0 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 8375933029662067248
s0.2mdn.net/simgad/ Frame 56D0 49 KB
49 KB 43ms
43ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/8375933029662067248

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f64092ea9b35dfb77ddab16abe301a6dc38a56b7951e22c6ccf422a0e411dbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5825321732835115008/index.html?e=69&leftOffset=0&topOffset=0&c=5LJkqKfZMV&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 22:30:52 GMT
x-content-type-options: nosniff
age: 106133
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50250
x-xss-protection: 0
last-modified: Thu, 28 Apr 2022 11:21:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 02 Jun 2023 22:30:52 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3ECB 0
26 B 78ms
77ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst5Otf0PeovQrowyjPrytrvd7KeIFqcGggprcuvfkpqHjPb0io3M7ch0C_Kni5RbR1j8_qJRsRddidUIti6vPTywIFTuB-eaXFScD73M8kRgVBimly94pDY0pCCe4nO3uX3gWx3zw5d53qJ9Su41Rt4gEt4T0OPdZKgKFo_6FT0NnDJPF3rBUtW9JkaU9BsYz9fVglXI9R8rNL0s-i3tmIAEDerizau9Q0nNHiJh6oFS3xBa2qcDNd0NSeA91NE5K5L-sqkwZzI6tD43B-WvVQtAvVD9hrMWs-G030XT0rTgyn-2_YUsx35Ks8WfbIQVacMQxa6CGDX64D-FwgQMgQv1GTNLCzXuXrF-gCh9URAFVE44teR4GAZyXDjT9f8nKN3oYeuElliAhvfjkuWG-6L-L_jTY4_zFpGTqq2rXX36BBhnw-g1Owmt1BS5BL1wfKXOrd6MBtqvWAtE_KG_hnE-YQLiDXxaCJJVue3oU9S9Yi2SR0NqDolnKNRtOT7j4kNXNUAy55ydHOZwAbki5Dm0jfHbqsU1z_xNdvIAhdU-9mbitEDOY4VCgzBKhg2RAa1zq4S7ZUB42RfHuHMS9sCH8ycHJGo6kwd27favNdwXO9ABc8KQoeRJ0fmMU-chUsyhfFObxFxGwQbhmEPHlaK1rlUPSD1Oh9IVr-9gRmEDwjZBPNa-DhGwBOEfrXabhlsOU9pmhFoDiHtYE18NaO9Ee1PIUBoT4XCGgOcwpIg4X95zCBPK3q7FKDxPo-M3HhNlU56rz7cNcToC3fLJsfpP_955In1lx7kmGeLC9LBExeXsFHkLGmVHliNnzGT4FzTq4zW11acOx4gczvs09Cn6G8Ii43e3tToIMM58Rbr26IhYVBDcOVkFVI_zRSbvmV99rf-8H-30tz0jpWmhsIhNgRiAWXGL88vWiWQzgD7qFo8paw_ccoVaZydTUFo93ID-EJWuwwwDog_qAJYQPFCnaeZGgHS3ETWIDo5b9gBMVFS0WHnhzg-6LKEFB-EtQuyYwhp7Rrvvu_y_ACOILBzk91ksjSKGWNVa9DKnkEPrC7P1UwimL4jIXrfetrt1I14Z0_G-miZYssc22OYoAKpZw-7UFazdJ6-igSPimQxOv-ETEDyOGpDHZVQs7lHRWtbwhlJ7q8dxrrqWXl541a2DVTj1DzITasJeOZfIfLyOZoi_IBVjqQWRazjZ6AkS1IXTzwxRv43cbwpUCdQHhcVXi56LfQFge6a0D1NnTdN-uFMcHFxeNFuAzyWF9-m1N-FIL7OZ-wRVCvlamV1OcKCOea-pp4-iYgfiTsRlMQoZRrRtp8&sai=AMfl-YQloRLZvwB2MYhYgL5y1P0vgqdgqN-hHh8CU3qdHduX9xeG85B8_9eSYM61g2lg4DJdz72yncafI0ZCTD8Z7EMgKMYSoS_TbImDONQHYWXikHRFslka_SUDrTdTB4vm-v_bt47VUquJdV9H0G6Lo8QH2e6XsCogvr7JcTLfcg8hNWoAycEJdaXFQ2-WEZXwMo19H8K_5zL-08mEACZ7NStVvYo&sig=Cg0ArKJSzFCRlZODVJ_NEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=499&vt=11&dtpt=205&dett=3&cstd=290&cisv=r20220601.33871&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Jun 2022 03:59:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3ECB 7 KB
5 KB 54ms
54ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=latest&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_obb_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

52103fad7a4657098e3ff090b74b26110f3dcbdd0144731c53d0ade7d35c456d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Jun 2022 03:59:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5467
x-xss-protection: 0

GET
H3 200 b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js Show response
pagead2.googlesyndication.com/bg/ Frame 4DC3 36 KB
14 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 12:46:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54810
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13882
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Jun 2023 12:46:15 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame FBBC 0
26 B 78ms
77ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstUIyC4QufNpq33lThh5bvBKVCtUJupRWafT_UrrYtBkQD7uR0AFdtFwni1Fw-kgcjKuyfDw0XuKru9rsTqk7nCnFU3zs0FjqvBAqOO2TKEhXCiUaETbCXUk8hM0fEmuNC1IvMG4AFBEYVSZAABrYFkcOLOmbWvJTCsX-0oAEB6esUJYz__MTQKV9uWk3zeAGXyMlpIkKGpVj5nWER3GXVNs0We4SJwKwrKhTaUl5L02gJZp5Chmml4nj6IZhvI8p4oHmY6skcsEZziY_PyowpPAI43vU0ekxox0FP3R7GfZ0ce_nk72shQ6aMI7wP52noifn4D5zGYyGb1Ll7dEQno6ta--LZ7AD-7LkP5kInHPWFTChNmqOD4dBHKrMtuyIz2NaojcA71VmzwdNdffrRDyDp-cEWrOBnXmoO_p6553ajiSOA19yZ3BIzkodqmE71df-B6aEosSKEeUacIM-h_i7I0TYieYgkfqCcft-t-_1YrlC6YZVM34KrpsjVOxEibG3jcNXTVldRzFSKT7y7sSc1iMY7JwkdDNVpPZXdvFBs3bJSnyfdH5WJEUrph7MeRRW8Kihga1ESBMFWk1ByOAEkl1fTkY6-uQn0mwnPjyzusSVg2BmYQe6cBr9dQALwqPTigTZDs7cr6aSQ0us87mzDpuaW4JgVxurQ3FhYqNOfH_dN5Aky2wjvqUl8XFVtWCLfN-oJPT3cMABJRD0wH1AAcosPMx2_2K8aU4cb6l3nTPtQo7_B4QBFu1feYtB4YIlfkBN4Q-fxKCx8A4Ib9tCKe3anrM3o6m-I069bJuvpLSk7lZ85hmWwqUkr3BtZiO9WwMNJZIF8BCV6cf3PP9VykUEifSkwWOUkgpgbq0SGoxYzeL9qIG5nzCcqgyIOdHdVIoNhmWY9q0rfkPzR9EKsd1G-kVvIKvNm6lGwRdKXcQoZkzti75gRqXSM0uavNiz-MvpBDQl9uF8DGrnoQAGSDiWDwtD9AKMv-wojfaOMZPjZ23ZyXremTIWZwdIEr6u-lI-ZIyQu29XB6nskKVZi_3GLRRXR-BfPWLmG_5lxah7dB5hUvCw-qNAAQscA4GbZskmZnixypgix8OvDrxG2s_hvWh_HhCX8GLMkvft8Mqjjc7NYoUXybwJWVp9TZbiCEBfPpKclhoIPQInny_2mgO8j44KFOVdfcqwCZDhaFc8WduWqHscbStofXjfvnJLFG2iRGLFhO1kFWOq5n0ojrNgXbIZF9owEO0HSzblbfSqE16F6bFfreFvqFLVAHx1wYgt7LyjNoKLEckUWeeG8fFsmodLq6FUomRw&sai=AMfl-YTug07v6oGUz9RRqAhOOqkNocPGlXANFWC5zd53Kfkon4Atnjn5am5s8P7F5hU7Qerw9tR6JxVNn1LwBOWA-86-l_4LK_qt5AS0QeWPwPLtnd4paZ1q-2Mnm5zIPHT7hEHUw8p6rIl1-c7bBuM5z0Hwwikej53uXV9JXcFAmbjSsgCGlMFvGvcZGHxKXyLJf22nDhUQryh9KziLv2OSSmKV774&sig=Cg0ArKJSzNEy7B_YNdqSEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=444&vt=11&dtpt=248&dett=3&cstd=192&cisv=r20220601.04876&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: sud.ua
URL: https://sud.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS