urlscan.io logo urlscan.io
SecurityTrails logo

subject.com.ua Open in urlscan Pro
31.131.26.2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://subject.com.ua/
Effective URL: https://subject.com.ua/
Submission: On April 10 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 5 countries across 16 domains to perform 55 HTTP transactions. The main IP is 31.131.26.2, located in Ukraine and belongs to VPS-UA-AS, UA. The main domain is subject.com.ua.
TLS certificate: Issued by R3 on February 12th 2022. Valid for: 3 months.
This is the only time subject.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 31.131.26.2 56851 (VPS-UA-AS)
1 2600:9000:206... 16509 (AMAZON-02)
1 13 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:224... 16509 (AMAZON-02)
4 2a03:90c0:41:... 199524 (GCORE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 142.250.184.194 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:205... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:206... 16509 (AMAZON-02)
1 3.125.177.194 16509 (AMAZON-02)
1 199.101.133.2 40824 (WZCOM-)
55 25
4    31.131.26.2 (Ukraine)

ASN56851 (VPS-UA-AS, UA)
PTR: valerym.sv
subject.com.ua
1    2600:9000:206f:bc00:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.optad360.io
13    2606:4700:10::6816:3bc7 (United States)

ASN13335 (CLOUDFLARENET, US)
services.vlitag.com
tag.vlitag.com
assets.vlitag.com
media.vlitag.com
2    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cse.google.com
2    2600:9000:224a:ba00:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)
get.optad360.io
4    2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
cdn.admixer.net
2    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
3    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
3    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleapis.com
1    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
clients1.google.com
1    2600:9000:2057:4400:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)
test.quantcast.mgr.consensu.org
1    2a00:1450:400c:c01::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
redirector.googlevideo.com
1    2a00:1450:4009:4::6 (London, United Kingdom)

ASN15169 (GOOGLE, US)
r1---sn-aigl6ns6.googlevideo.com
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.co.uk
2    2600:9000:206f:3200:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
quantcast.mgr.consensu.org
1    3.125.177.194 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-177-194.eu-central-1.compute.amazonaws.com
audit-tcfv2.quantcast.mgr.consensu.org
1    199.101.133.2 (United States)

ASN40824 (WZCOM-, US)
serving.stat-rock.com
Apex Domain
Subdomains		 Transfer
13 vlitag.com
services.vlitag.com — Cisco Umbrella Rank: 18775
tag.vlitag.com — Cisco Umbrella Rank: 22509
assets.vlitag.com — Cisco Umbrella Rank: 22368
media.vlitag.com — Cisco Umbrella Rank: 29576
1 MB
11 google.com
cse.google.com — Cisco Umbrella Rank: 2596
www.google.com — Cisco Umbrella Rank: 4
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2298
clients1.google.com — Cisco Umbrella Rank: 405
251 KB
5 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193
stats.g.doubleclick.net — Cisco Umbrella Rank: 95
160 KB
4 consensu.org
test.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 5832
quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2167
audit-tcfv2.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 10095
163 KB
4 admixer.net
cdn.admixer.net — Cisco Umbrella Rank: 45202
84 KB
4 subject.com.ua
subject.com.ua
34 KB
3 optad360.io
cmp.optad360.io — Cisco Umbrella Rank: 44987
get.optad360.io — Cisco Umbrella Rank: 26184
304 KB
2 googlevideo.com
redirector.googlevideo.com — Cisco Umbrella Rank: 670
r1---sn-aigl6ns6.googlevideo.com — Cisco Umbrella Rank: 161205
1 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 436
3 KB
2 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 417
www.googleapis.com — Cisco Umbrella Rank: 28
125 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
20 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 98
161 KB
1 stat-rock.com
serving.stat-rock.com — Cisco Umbrella Rank: 14036
98 KB
1 google.co.uk
www.google.co.uk — Cisco Umbrella Rank: 3132
501 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 176
28 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
38 KB
55 16
Domain Requested by
9 assets.vlitag.com tag.vlitag.com
subject.com.ua
5 www.google.com cse.google.com
www.google.com
subject.com.ua
4 cdn.admixer.net subject.com.ua
cdn.admixer.net
4 subject.com.ua 1 redirects subject.com.ua
3 securepubads.g.doubleclick.net get.optad360.io
www.googletagservices.com
3 fundingchoicesmessages.google.com pagead2.googlesyndication.com
2 quantcast.mgr.consensu.org assets.vlitag.com
2 cdn.jsdelivr.net get.optad360.io
assets.vlitag.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 get.optad360.io subject.com.ua
get.optad360.io
2 cse.google.com subject.com.ua
www.google.com
2 pagead2.googlesyndication.com subject.com.ua
pagead2.googlesyndication.com
2 services.vlitag.com subject.com.ua
services.vlitag.com
1 serving.stat-rock.com get.optad360.io
1 audit-tcfv2.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
1 www.google.co.uk subject.com.ua
1 r1---sn-aigl6ns6.googlevideo.com subject.com.ua
1 redirector.googlevideo.com 1 redirects
1 media.vlitag.com 1 redirects
1 stats.g.doubleclick.net www.google-analytics.com
1 test.quantcast.mgr.consensu.org assets.vlitag.com
1 clients1.google.com subject.com.ua
1 www.googleapis.com subject.com.ua
1 imasdk.googleapis.com tag.vlitag.com
1 www.googletagservices.com tag.vlitag.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 tag.vlitag.com services.vlitag.com
1 www.googletagmanager.com subject.com.ua
1 cmp.optad360.io subject.com.ua
55 29
Subject Issuer Validity Valid
subject.com.ua
R3		 2022-02-12 -
2022-05-13		 3 months crt.sh
*.optad360.io
Amazon		 2021-11-17 -
2022-12-15		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-13 -
2022-06-12		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
*.admixer.net
Sectigo RSA Domain Validation Secure Server CA		 2021-06-08 -
2022-06-21		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
quantcast.mgr.consensu.org
R3		 2022-03-22 -
2022-06-20		 3 months crt.sh
www.google.co.uk
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
serving.stat-rock.com
R3		 2022-02-27 -
2022-05-28		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://subject.com.ua/
Frame ID: 54100792579D07FB7DE8400D851D0CA6
Requests: 53 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/45158/c.html?b=45158
Frame ID: 2EEEC507F09A53FA5BDF61514FDB1412
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20190131/zrt_lookup.html
Frame ID: 516FDC07FE6659F8847E98156135D5B6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Всі предмети - Великий довідник школярашукати

Page URL History Show full URLs

  1. http://subject.com.ua/ HTTP 301
    https://subject.com.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • quantcast\.mgr\.consensu\.org
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

55
Requests

98 %
HTTPS

85 %
IPv6

16
Domains

29
Subdomains

25
IPs

5
Countries

2871 kB
Transfer

7438 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://subject.com.ua/ HTTP 301
    https://subject.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47
  • https://media.vlitag.com/vid/?id=aOSRX0RXaas&t=y HTTP 302
  • https://redirector.googlevideo.com/videoplayback?expire=1649573086&ei=fihSYof_H8ijkwaSxoqIBw&ip=184.164.141.146&id=o-ACFa3ELlQJCCAS85Y5oRCQJaoPknwaPBzTrkIZvLJwdT&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=3a&mm=31%2C29&mn=sn-a5mlrnel%2Csn-a5meknsy&ms=au%2Crdu&mv=u&mvi=6&pl=23&spc=4ocVC5QhWzKdPHUaAIJ_VCv1kbZq&vprv=1&mime=video%2Fmp4&ns=8OQ-PxcmuDKYMrjR_qXHvtcG&gir=yes&clen=10427993&otfp=1&dur=207.340&lmt=1600678288117961&mt=1649550590&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB&n=9ae5j-r6xtdHSSs8Ec&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgY6Svhw1Se7QEB4CA_uNfu6LbOfcYSG4lUUBODryuXgoCIG91pzBGS6Wm8txyynjIkSxgVS4M25Jgy_thZNnIFZML&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhAIlyAdlpBcRuDIlBJ9mBbOb2xvfmoJj0b41zUO_90hx_AiBcXBL4Z50o-6_DGWZL1LkMQ6azlDW1iakGg-WlnwQFTw%3D%3D HTTP 302
  • https://r1---sn-aigl6ns6.googlevideo.com/videoplayback?expire=1649573086&ei=fihSYof_H8ijkwaSxoqIBw&ip=184.164.141.146&id=o-ACFa3ELlQJCCAS85Y5oRCQJaoPknwaPBzTrkIZvLJwdT&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=4ocVC5QhWzKdPHUaAIJ_VCv1kbZq&vprv=1&mime=video%2Fmp4&ns=8OQ-PxcmuDKYMrjR_qXHvtcG&gir=yes&clen=10427993&otfp=1&dur=207.340&lmt=1600678288117961&keepalive=yes&fexp=24001373%2C24007246&c=WEB&n=9ae5j-r6xtdHSSs8Ec&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgY6Svhw1Se7QEB4CA_uNfu6LbOfcYSG4lUUBODryuXgoCIG91pzBGS6Wm8txyynjIkSxgVS4M25Jgy_thZNnIFZML&cms_redirect=yes&mh=3a&mip=2a02:8c8:c10:30::15&mm=31&mn=sn-aigl6ns6&ms=au&mt=1649558232&mv=u&mvi=1&pl=32&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAO_feXf7bW506B-ikn3zTSv1uHEprz5_4oDNvnAU5KkUAiAJmURikxpeqUaz171xG47yOipiFX387jT-GmJ1p-SzOg%3D%3D

55 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
subject.com.ua/
Redirect Chain
  • http://subject.com.ua/
  • https://subject.com.ua/
11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://subject.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.131.26.2 , Ukraine, ASN56851 (VPS-UA-AS, UA),
Reverse DNS
valerym.sv
Software
Apache /
Resource Hash
be4bee1c0adb071345a1a002e7222e037388ee20c4dbfff433b80297d0d5826a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, s-maxage=10
Connection
close
Content-Encoding
gzip
Content-Length
4061
Content-Type
text/html; charset=utf-8
Date
Sun, 10 Apr 2022 02:41:44 GMT
Server
Apache
Vary
Accept-Encoding
X-Mod-Pagespeed
1.13.35.2-0

Redirect headers

Connection
close
Content-Length
231
Content-Type
text/html; charset=iso-8859-1
Date
Sun, 10 Apr 2022 02:41:44 GMT
Location
https://subject.com.ua/
Server
Apache
style.min.css
subject.com.ua/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://subject.com.ua/css/style.min.css
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.131.26.2 , Ukraine, ASN56851 (VPS-UA-AS, UA),
Reverse DNS
valerym.sv
Software
Apache /
Resource Hash
707c74e779762b2e450b6959ae22c2c6b0b26079fffe308b6427dcf8347506f2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 10 Apr 2022 02:41:44 GMT
Content-Encoding
gzip
Last-Modified
Sat, 27 Nov 2021 09:42:02 GMT
Server
Apache
ETag
"15dc-5d1c205107e0e-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=3600
Connection
close
Accept-Ranges
bytes
Content-Length
1430
97672d69-12a2-43ea-9222-362234514ff0.min.js
cmp.optad360.io/items/ 		258 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.optad360.io/items/97672d69-12a2-43ea-9222-362234514ff0.min.js
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:bc00:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
da9da6cc08f4fae96cb11b10e093fc4d19f871c3d4b46a2a48ee7f26637b92e5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 02:45:32 GMT
content-encoding
gzip
last-modified
Fri, 15 Jan 2021 12:06:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
W/"c7b5c09d2b1684bb417714719df59bd9"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-id
QfkgS-MJ5vIYZooAsdgTUSOyHZbyJvvrGg_ae97JDssde4w-iwc_9A==
/
services.vlitag.com/adv1/ 		992 B
988 B 		Script
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/adv1/?q=5598e1b3b98c8d6b64510b079b293843
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f909843b981d3cf9ff1c6218908ab5c56ab49dadb3d548a1fc7f27559ca47b8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Apr 2022 02:45:31 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sun, 10 Apr 2022 02:45:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray
6f982598bb1d892a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag
noindex, nofollow, noarchive, nosnippet
expires
on, 01 Jan 1970 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		155 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b8989d7b732c756757007b57d934565e7ce80f01be8964231aeeeb1232b2b63e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 02:45:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54016
x-xss-protection
0
server
cafe
etag
1587232693610539900
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 10 Apr 2022 02:45:31 GMT
js
www.googletagmanager.com/gtag/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-1099121-7
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e992f6616816f175a22ba8089d0b07319eec138b880583531bd0bb6e9d8a3826
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 02:45:31 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38047
x-xss-protection
0
last-modified
Sun, 10 Apr 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 10 Apr 2022 02:45:31 GMT
cse.js
cse.google.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/cse.js?cx=010607684231973573011:mknhdkp5vrc
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
36049c04da23133636b6edfac85b5d817eed4c0febbe357ce653978cda40fe96
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

bfcache-opt-in
unload
date
Sun, 10 Apr 2022 02:45:31 GMT
content-encoding
br
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3503
x-xss-protection
0
server
gws
expires
Sun, 10 Apr 2022 02:45:31 GMT
plugin.min.js
get.optad360.io/sf/e630b43e-4175-11e8-9881-06048607e8f8/ 		381 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/e630b43e-4175-11e8-9881-06048607e8f8/plugin.min.js
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:ba00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bc99988433b256edb38d5589a236b5202f2c8c2c6d3ebb2938d0879a1073fd1e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 02:45:32 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 10:27:11 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
etag
W/"8b0695193342daf7abf1e81cf5f5f0b4"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 a6848167f38570c4e775e8ba04d1f1d0.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-id
K9_NS8YZwa7gZ302VE2Ux_-x8k9aue9Y9Te5pyOZAY7vRndaa0FXlQ==
loader2.js
cdn.admixer.net/scripts3/ 		176 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/loader2.js
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
5d253c1f2c6fcbd61576ca67a936360e21f9c1945dcbbc9eda03cf177fe99079

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Sun, 10 Apr 2022 02:45:31 GMT
content-encoding
gzip
last-modified
Thu, 07 Apr 2022 14:19:47 GMT
server
nginx
etag
W/"624ef303-2c101"
x-cached-since
2022-04-10T02:39:37+00:00
content-type
application/javascript
cache-control
max-age=600
cache
HIT
expires
Fri, 08 Apr 2022 08:54:48 GMT
Roboto.woff2
subject.com.ua/fonts/ 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://subject.com.ua/fonts/Roboto.woff2
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/css/style.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.131.26.2 , Ukraine, ASN56851 (VPS-UA-AS, UA),
Reverse DNS
valerym.sv
Software
Apache /
Resource Hash
57d4944ce0cbe8e3daba4cb5fcd014b2bf5d4e1d06a2bc6c24bab30eabf3109e

Request headers

Referer
https://subject.com.ua/css/style.min.css
Origin
https://subject.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 10 Apr 2022 02:41:44 GMT
Last-Modified
Wed, 04 Dec 2019 15:02:31 GMT
Server
Apache
ETag
"6d84-598e21a197121"
Content-Type
font/woff2
Cache-Control
s-maxage=10
Connection
close
Accept-Ranges
bytes
Content-Length
28036
c.html
cdn.admixer.net/scripts3/45158/ Frame 2EEE 		738 B
511 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/45158/c.html?b=45158
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Sun, 10 Apr 2022 02:45:31 GMT
etag
W/"624ef312-2e2"
expires
Sun, 09 Apr 2023 08:44:48 GMT
last-modified
Thu, 07 Apr 2022 14:20:02 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-04-08T08:44:48+00:00
x-id
fr5-up-gc38
376cef9bc739cb759b1b.b.js
cdn.admixer.net/scripts3/45158/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/45158/376cef9bc739cb759b1b.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1e1684520b8ad979cf79d9bcf1c1b699161e6e3785698d2ab91c7c58df799a88

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Sun, 10 Apr 2022 02:45:31 GMT
content-encoding
gzip
last-modified
Thu, 07 Apr 2022 14:19:53 GMT
server
nginx
etag
W/"624ef309-5d41"
vary
Accept-Encoding
x-cached-since
2022-04-08T08:44:48+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sun, 09 Apr 2023 08:44:48 GMT
8fa10895f61293c9aa16.b.js
cdn.admixer.net/scripts3/45158/ 		75 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/45158/8fa10895f61293c9aa16.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
98d456b12b8a6c3e1fcd81c680cefefbb38eaeec25d85a31757ac2417b2ff2e2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Sun, 10 Apr 2022 02:45:31 GMT
content-encoding
gzip
last-modified
Thu, 07 Apr 2022 14:19:59 GMT
server
nginx
etag
W/"624ef30f-12a41"
vary
Accept-Encoding
x-cached-since
2022-04-08T08:45:13+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sun, 09 Apr 2023 08:45:13 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1099121-7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4241
date
Sun, 10 Apr 2022 01:34:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 10 Apr 2022 03:34:50 GMT
cse_element__uk.js
www.google.com/cse/static/element/3e1664f444e6eb06/ 		306 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/3e1664f444e6eb06/cse_element__uk.js?usqp=CAI%3D
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=010607684231973573011:mknhdkp5vrc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3921d22e340021189f986befdb097d34a4d1142b3c0a2565ef53f5d0971c1748
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 19:43:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
198149
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103146
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 17:07:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Fri, 07 Apr 2023 19:43:02 GMT
default+uk.css
www.google.com/cse/static/element/3e1664f444e6eb06/ 		41 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/3e1664f444e6eb06/default+uk.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=010607684231973573011:mknhdkp5vrc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 03 Apr 2022 15:17:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
559709
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9086
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 17:07:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Mon, 03 Apr 2023 15:17:02 GMT
espresso.css
www.google.com/cse/static/style/look/v4/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/style/look/v4/espresso.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=010607684231973573011:mknhdkp5vrc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79079035ef85018e365005353caff57c4797c437cb07f6460e77bf6477cd3805
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 02:20:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1481
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1538
x-xss-protection
0
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Sun, 10 Apr 2022 03:10:50 GMT
vld.json
services.vlitag.com/uv/ 		12 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/uv/vld.json?page_url=https%3A%2F%2Fsubject.com.ua%2F&mtk=18173&ctt=1649472618
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=5598e1b3b98c8d6b64510b079b293843
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37bd89d0776acdb8565abd79559d140909e68570f7d74a6f0141d21aed4122f4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 02:45:31 GMT
cf-cache-status
HIT
last-modified
Sat, 09 Apr 2022 02:51:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://subject.com.ua
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
6f982599dc1075db-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12
x-robots-tag
noindex, nofollow, noarchive, nosnippet
5598e1b3b98c8d6b64510b079b293843.js
tag.vlitag.com/v1/1649472618/ 		515 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.vlitag.com/v1/1649472618/5598e1b3b98c8d6b64510b079b293843.js?cc=GB
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=5598e1b3b98c8d6b64510b079b293843
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50c1eb4e61aade2c0fa8f6892d3c6d8672fcf3baf1f49131d4bbb397085e156c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 02:45:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 09 Apr 2022 04:26:45 GMT
server
cloudflare
age
72126
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
cf-ray
6f982599cc3b892a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-bgj
minify
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/ 		301 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2062463022593482&plah=subject.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
22d1c9dda7688f0147cc127c8e938a0a53d6005b1cc5df3f1b7d209202509cdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 02:45:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110370
x-xss-protection
0
server
cafe
etag
13494075244932097733
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 10 Apr 2022 02:45:31 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220406/r20190131/ Frame 516F 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220406/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
32539
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4398
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Apr 2022 17:43:12 GMT
etag
14837630671339829333
expires
Sat, 23 Apr 2022 17:43:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cmp-v2.0.1.js
assets.vlitag.com/plugins/cmptcf2/ 		267 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1649472618/5598e1b3b98c8d6b64510b079b293843.js?cc=GB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 02:45:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
904870
cf-polished
origSize=489839
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Tue, 29 Dec 2020 02:18:12 GMT
server
cloudflare
etag
W/"5fea91e4-7796f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
cf-ray
6f98259aacf7892a-LHR
expires
Tue, 29 Mar 2022 15:39:01 GMT
prebid-6.14.3.js
assets.vlitag.com/prebid/default/ 		597 KB
166 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1649472618/5598e1b3b98c8d6b64510b079b293843.js?cc=GB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca88c87f38ffc56d763162e139ec8a6eb40fa627c00c396bd0a5714b921bb737
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 02:45:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
732157
cf-polished
origSize=611403
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Fri, 01 Apr 2022 15:22:31 GMT
server
cloudflare
etag
W/"624718b7-9544b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
cf-ray
6f98259aacf6892a-LHR
expires
Fri, 01 Apr 2022 15:52:50 GMT
gpt.js
www.googletagservices.com/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1649472618/5598e1b3b98c8d6b64510b079b293843.js?cc=GB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
722c06c8a7a9b96c7f07bf888b125c0fddd0722a04dd6ff0c9f7d00b568a25db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 02:45:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28371
x-xss-protection
0
server
sffe
etag
"1183 / 650 of 1000 / last-modified: 1649455717"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 10 Apr 2022 02:45:32 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		374 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1649472618/5598e1b3b98c8d6b64510b079b293843.js?cc=GB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22e56b7e66a75203914f5f0cb9cf1c4e95c065f101ace2189cc31de2da60f61e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 02:45:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127633
x-xss-protection
0
expires
Sun, 10 Apr 2022 02:45:32 GMT
sf_host.min.js
assets.vlitag.com/plugins/safeframe/src/js/ 		38 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1649472618/5598e1b3b98c8d6b64510b079b293843.js?cc=GB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 02:45:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
904881
cf-ray
6f98259aacf8892a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 01 Nov 2019 05:04:50 GMT
server
cloudflare
etag
W/"5dbbbcf2-9806"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
x-robots-tag
noindex, nofollow
expires
Tue, 29 Mar 2022 15:38:45 GMT
ca-pub-2062463022593482
fundingchoicesmessages.google.com/i/ 		89 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-2062463022593482?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2062463022593482&plah=subject.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ffbb794c5ad134c52830fe4d17b6fce646d8827154e9ab6f887701db234b7a88
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-V8eOwYui5voicbiIJtX/bw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-V8eOwYui5voicbiIJtX/bw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 02:45:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-V8eOwYui5voicbiIJtX/bw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-V8eOwYui5voicbiIJtX/bw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/e630b43e-4175-11e8-9881-06048607e8f8/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
8b8d82fe498f5dafc237759414624278fdd4d48088e21c176aa51cb651847ca7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 02:45:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28371
x-xss-protection
0
server
sffe
etag
"1183 / 392 of 1000 / last-modified: 1649455652"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 10 Apr 2022 02:45:32 GMT
prebid5.14.0.js
get.optad360.io/sf/ 		460 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/prebid5.14.0.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/e630b43e-4175-11e8-9881-06048607e8f8/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:ba00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 07:18:43 GMT
content-encoding
gzip
last-modified
Thu, 23 Sep 2021 07:59:54 GMT
server
AmazonS3
age
4908410
etag
W/"6dd0a13bde35d2daa452bba998871016"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a6848167f38570c4e775e8ba04d1f1d0.cloudfront.net (CloudFront)
cache-control
public, max-age=360000000
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
18VBZsP4Ikdf5kWBqb1f7u1M4xz4ly972hc4nnhJlJec81qGhPCNTw==
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1736411234&t=pageview&_s=1&dl=https%3A%2F%2Fsubject.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%20%D0%BF%D1%80%D0%B5%D0%B4%D0%BC%D0%B5%D1%82%D0%B8%20-%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D0%B9%20%D0%B4%D0%BE%D0%B2%D1%96%D0%B4%D0%BD%D0%B8%D0%BA%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8F%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=171681191&gjid=1847170566&cid=1610996712.1649558732&tid=UA-1099121-7&_gid=922414752.1649558732&_r=1&gtm=2ou3u0&z=678358634
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 10 Apr 2022 02:45:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
async-ads.js
cse.google.com/adsense/search/ 		137 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/adsense/search/async-ads.js
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/3e1664f444e6eb06/cse_element__uk.js?usqp=CAI%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9bfafe304a1c30b94987dfdb7062074297df96db9e937288a2a186684ffd1b73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 02:45:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"8778312441911095827"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
expires
Sun, 10 Apr 2022 02:45:32 GMT
clear.png
www.google.com/cse/static/css/v2/ 		1018 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/cse/static/css/v2/clear.png
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/3e1664f444e6eb06/default+uk.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/cse/static/element/3e1664f444e6eb06/default+uk.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 17:04:14 GMT
x-content-type-options
nosniff
age
380478
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1018
x-xss-protection
0
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Wed, 05 Apr 2023 17:04:14 GMT
generate_204
www.googleapis.com/ 		0
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googleapis.com/generate_204
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 02:45:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
clients1.google.com/ 		0
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://clients1.google.com/generate_204
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 02:45:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cmp-list.json
test.quantcast.mgr.consensu.org/GVL-v2/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4400:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1c9d79d4c1f7434241f585d6cda795673e9a883999631e6889c46d6e01681b1

Request headers

Accept
application/json, text/plain, */*
Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 03:00:35 GMT
content-encoding
br
age
85498
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Mon, 04 Apr 2022 19:52:29 GMT
server
AmazonS3
etag
W/"40af78ddd5428a8827297a3108ff0f96"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
ErQ4DdluPZ.uqNFyIPqTjQ9DZM7Y2Y6Q
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
FRA6-C1
content-type
application/json
x-amz-cf-id
ttlZn2ZUg_hq_7HRY6bBdl-OmfRDqOIbtuh6tlVfZ6y7DzlSAUc1WQ==
collect
stats.g.doubleclick.net/j/ 		7 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1099121-7&cid=1610996712.1649558732&jid=171681191&gjid=1847170566&_gid=922414752.1649558732&_u=YEBAAUAAAAAAAC~&z=1373880939
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c01::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 10 Apr 2022 02:45:32 GMT
content-type
text/plain
access-control-allow-origin
https://subject.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022040501.js
securepubads.g.doubleclick.net/gpt/ 		369 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js?cb=31067008
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
e8a56b7248517b052849b0d606b0c402c9a147d231cfba361af5dfb5794a3766
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 14:21:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44648
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128191
x-xss-protection
0
last-modified
Tue, 05 Apr 2022 08:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 09 Apr 2023 14:21:24 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		328 B
792 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=subject.com.ua
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e7f841c9dc420be3320e6b8940f39eb2a8474cf363cf22690557bfde374d35a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 10 Apr 2022 02:45:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
155
x-xss-protection
0
expires
Sun, 10 Apr 2022 02:45:32 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220410
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf36b407ab26b37f8372006fe01b54fc7daaf12b7f87d4bedd0614ac7ced4283
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 10 Apr 2022 02:45:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
42268
x-jsd-version
1.0.1306
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19145-FRA, cache-iad-kiad7000063-IAD
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"66a-zROwVUeMZ8xvLSxQsiCOSAwzCMI"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qBlKZaVBG%2BPFDmn6YWOcizRIG%2BEdM0fG486A7wmAoqVSNbmIyyXci6suFmSetiizBcENcEQ%2FEgDsfGXgSvuWF4o%2BkNAbzTKp147JWpgfor3eUT1kop8qHhTdwbpyfC%2F4dNELFFS%2BoDJwohh6O0o%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6f98259c3f177193-LHR
access-control-expose-headers
*
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220410
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf36b407ab26b37f8372006fe01b54fc7daaf12b7f87d4bedd0614ac7ced4283
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 10 Apr 2022 02:45:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
42268
x-jsd-version
1.0.1306
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19145-FRA, cache-iad-kiad7000063-IAD
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"66a-zROwVUeMZ8xvLSxQsiCOSAwzCMI"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u6WVo8kdbDHQx5R0v%2Fh83z4UGvZk3E53Y7E0dHhdceS51w02fZaa3qJJb8Y1he%2BNN8in840M8cerRiwn0ajSzv%2FDyiyaU8uGDuCAlKt%2B%2FjUoX%2FyomDXuhKbjrRAYDIq9iZlD3n144njjWclo0pk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6f98259c3f197193-LHR
access-control-expose-headers
*
1572962830.jpg
assets.vlitag.com/widget/2019/11/05/ 		192 KB
192 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.vlitag.com/widget/2019/11/05/1572962830.jpg
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31370f14534e5bb78d3da68b6cf0e72369feea1bd68aaeac1b61d07094aa1deb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 02:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
904869
cf-polished
degrade=85, origSize=227959, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
196267
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Tue, 05 Nov 2019 14:07:11 GMT
server
cloudflare
etag
"5dc1820f-37a77"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Tue, 29 Mar 2022 15:38:50 GMT
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
6f98259c8fa07708-LHR
cf-bgj
imgq:85,h2pri
1596163502.jpg
assets.vlitag.com/widget/2020/07/30/ 		104 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.vlitag.com/widget/2020/07/30/1596163502.jpg
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5db53bf6a77148dae0aece6b6512e4a6bf94603af72e449a0f23ed03e8b96ff3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 02:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
447312
cf-polished
qual=85, origFmt=jpeg, origSize=140376
content-disposition
inline; filename="1596163502.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
106784
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Fri, 31 Jul 2020 02:45:02 GMT
server
cloudflare
etag
"5f2385ae-22458"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Mon, 04 Apr 2022 20:37:18 GMT
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
6f98259c8f9f7708-LHR
cf-bgj
imgq:85,h2pri
1648753746.png
assets.vlitag.com/widget/2022/03/31/ 		141 KB
142 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.vlitag.com/widget/2022/03/31/1648753746.png
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4eb2060150d9fc24ee035cb939a77e9d386616cbb36979dce9cf9276492e1ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 02:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
292948
cf-polished
origFmt=png, origSize=241444
content-disposition
inline; filename="1648753746.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
144498
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Thu, 31 Mar 2022 19:09:07 GMT
server
cloudflare
etag
"6245fc53-3af24"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Wed, 06 Apr 2022 17:30:02 GMT
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
6f98259c8f9a7708-LHR
cf-bgj
imgq:85,h2pri
1648753124.png
assets.vlitag.com/widget/2022/03/31/ 		395 KB
396 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.vlitag.com/widget/2022/03/31/1648753124.png
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49250ed8e3698633fe130e218b05ca9f44a8acb04833bd280c2ad570ffcc3cf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 02:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
805585
cf-polished
origFmt=png, origSize=658743
content-disposition
inline; filename="1648753124.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
404536
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Thu, 31 Mar 2022 18:58:44 GMT
server
cloudflare
etag
"6245f9e4-a0d37"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Thu, 31 Mar 2022 19:28:59 GMT
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
6f98259c8f977708-LHR
cf-bgj
imgq:85,h2pri
1592801729.jpg
assets.vlitag.com/widget/2020/06/22/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.vlitag.com/widget/2020/06/22/1592801729.jpg
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 02:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
2266918
cf-polished
qual=85, origFmt=jpeg, origSize=103053
content-disposition
inline; filename="1592801729.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
75514
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Mon, 22 Jun 2020 04:55:29 GMT
server
cloudflare
etag
"5ef039c1-1928d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Mon, 14 Mar 2022 21:10:51 GMT
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
6f98259c8f9c7708-LHR
cf-bgj
imgq:85,h2pri
1572962870.jpg
assets.vlitag.com/widget/2019/11/05/ 		107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.vlitag.com/widget/2019/11/05/1572962870.jpg
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45fe766308841d0d4a2068ef014d83df899ef6623f6bb4bde509431657b1c707
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 02:45:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1411822
cf-polished
qual=85, origFmt=jpeg, origSize=151033
content-disposition
inline; filename="1572962870.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
109336
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Tue, 05 Nov 2019 14:07:50 GMT
server
cloudflare
etag
"5dc18236-24df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Sat, 12 Mar 2022 23:08:27 GMT
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
6f98259c8f9d7708-LHR
cf-bgj
imgq:85,h2pri
AGSKWxUVJ0I03rwPJfHvzeDclub0sgmmbzIa4bIhP9PmAkI-cWRcuDU8ymT4rYTrl-_VQ3GmIXXkCq_WhozG-sUh7w==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUVJ0I03rwPJfHvzeDclub0sgmmbzIa4bIhP9PmAkI-cWRcuDU8ymT4rYTrl-_VQ3GmIXXkCq_WhozG-sUh7w==?pvid=A31B5AF8-F047-419B-9071-174BC6B5C291&anonid=B7163813-DF28-4017-BD21-6CDF3FE64847
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.-7g9qY7cFgc.es5.O/d=1/rs=AJlcJMy-6OnRqCDVCdgWQipjjuFo6vVNhQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NiGbTrB1+tqii37k799Bkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-NiGbTrB1+tqii37k799Bkw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 10 Apr 2022 02:45:32 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
access-control-allow-origin
https://subject.com.ua
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
access-control-max-age
86400
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-NiGbTrB1+tqii37k799Bkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-NiGbTrB1+tqii37k799Bkw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVgDqaFQjeWhV_n6tPX3eV_r0ncyiz4CVIF4CrRoShmgLrYpMYPfngCG0V7z6-KEq9m43LJMcUA1AKdOovbqQ==
fundingchoicesmessages.google.com/f/ 		250 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVgDqaFQjeWhV_n6tPX3eV_r0ncyiz4CVIF4CrRoShmgLrYpMYPfngCG0V7z6-KEq9m43LJMcUA1AKdOovbqQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjQ5NTU4NzMyLDIzNzAwMDAwMF0sIkEzMUI1QUY4LUYwNDctNDE5Qi05MDcxLTE3NEJDNkI1QzI5MSIsIkI3MTYzODEzLURGMjgtNDAxNy1CRDIxLTZDREYzRkU2NDg0NyIsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3N1YmplY3QuY29tLnVhLyIsbnVsbCxbXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.-7g9qY7cFgc.es5.O/d=1/rs=AJlcJMy-6OnRqCDVCdgWQipjjuFo6vVNhQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e8e92aad85e6a1fa948b3eddc1bd02ef297129a4206295ca9c689b486ff78fe6
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-igA5wxGj1le02zETF37cXA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-igA5wxGj1le02zETF37cXA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 02:45:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-igA5wxGj1le02zETF37cXA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-igA5wxGj1le02zETF37cXA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
videoplayback
r1---sn-aigl6ns6.googlevideo.com/
Redirect Chain
  • https://media.vlitag.com/vid/?id=aOSRX0RXaas&t=y
  • https://redirector.googlevideo.com/videoplayback?expire=1649573086&ei=fihSYof_H8ijkwaSxoqIBw&ip=184.164.141.146&id=o-ACFa3ELlQJCCAS85Y5oRCQJaoPknwaPBzTrkIZvLJwdT&itag=134&aitags=133%2C134%2C135%2C1...
  • https://r1---sn-aigl6ns6.googlevideo.com/videoplayback?expire=1649573086&ei=fihSYof_H8ijkwaSxoqIBw&ip=184.164.141.146&id=o-ACFa3ELlQJCCAS85Y5oRCQJaoPknwaPBzTrkIZvLJwdT&itag=134&aitags=133%2C134%2C1...
129 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r1---sn-aigl6ns6.googlevideo.com/videoplayback?expire=1649573086&ei=fihSYof_H8ijkwaSxoqIBw&ip=184.164.141.146&id=o-ACFa3ELlQJCCAS85Y5oRCQJaoPknwaPBzTrkIZvLJwdT&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=4ocVC5QhWzKdPHUaAIJ_VCv1kbZq&vprv=1&mime=video%2Fmp4&ns=8OQ-PxcmuDKYMrjR_qXHvtcG&gir=yes&clen=10427993&otfp=1&dur=207.340&lmt=1600678288117961&keepalive=yes&fexp=24001373%2C24007246&c=WEB&n=9ae5j-r6xtdHSSs8Ec&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgY6Svhw1Se7QEB4CA_uNfu6LbOfcYSG4lUUBODryuXgoCIG91pzBGS6Wm8txyynjIkSxgVS4M25Jgy_thZNnIFZML&cms_redirect=yes&mh=3a&mip=2a02:8c8:c10:30::15&mm=31&mn=sn-aigl6ns6&ms=au&mt=1649558232&mv=u&mvi=1&pl=32&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAO_feXf7bW506B-ikn3zTSv1uHEprz5_4oDNvnAU5KkUAiAJmURikxpeqUaz171xG47yOipiFX387jT-GmJ1p-SzOg%3D%3D
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Server
2a00:1450:4009:4::6 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 02:45:32 GMT
x-restrict-formats-hint
None
last-modified
Mon, 21 Sep 2020 08:51:28 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
Content-Range
bytes 0-10427992/10427993
client-protocol
quic
cache-control
private, max-age=14054
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
10427993
x-content-type-options
nosniff
expires
Sun, 10 Apr 2022 02:45:32 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Apr 2022 02:45:32 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r1---sn-aigl6ns6.googlevideo.com/videoplayback?expire=1649573086&ei=fihSYof_H8ijkwaSxoqIBw&ip=184.164.141.146&id=o-ACFa3ELlQJCCAS85Y5oRCQJaoPknwaPBzTrkIZvLJwdT&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=4ocVC5QhWzKdPHUaAIJ_VCv1kbZq&vprv=1&mime=video%2Fmp4&ns=8OQ-PxcmuDKYMrjR_qXHvtcG&gir=yes&clen=10427993&otfp=1&dur=207.340&lmt=1600678288117961&keepalive=yes&fexp=24001373%2C24007246&c=WEB&n=9ae5j-r6xtdHSSs8Ec&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgY6Svhw1Se7QEB4CA_uNfu6LbOfcYSG4lUUBODryuXgoCIG91pzBGS6Wm8txyynjIkSxgVS4M25Jgy_thZNnIFZML&cms_redirect=yes&mh=3a&mip=2a02:8c8:c10:30::15&mm=31&mn=sn-aigl6ns6&ms=au&mt=1649558232&mv=u&mvi=1&pl=32&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAO_feXf7bW506B-ikn3zTSv1uHEprz5_4oDNvnAU5KkUAiAJmURikxpeqUaz171xG47yOipiFX387jT-GmJ1p-SzOg%3D%3D
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1099121-7&cid=1610996712.1649558732&jid=171681191&_u=YEBAAUAAAAAAAC~&z=109509747
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Apr 2022 02:45:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1099121-7&cid=1610996712.1649558732&jid=171681191&_u=YEBAAUAAAAAAAC~&z=109509747
Requested by
Host: subject.com.ua
URL: https://subject.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Apr 2022 02:45:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vendor-list.json
quantcast.mgr.consensu.org/GVL-v2/ 		312 KB
37 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/GVL-v2/vendor-list.json
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:3200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd01d020ab3fdcfded4ebd18adb322fdd4f4fd2205ca16f6eac48de5c30fdffc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 03:00:35 GMT
content-encoding
br
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
85498
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Sat, 09 Apr 2022 03:00:32 GMT
server
AmazonS3
etag
W/"c8c957a184b1dc159f7560e10e85bad7"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
via
1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
cache-control
max-age=172800
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
neGtZPe1p3RKk-4A3xCV6hQfPJmFb7viRB6iM91IF7Xn171shJ234A==
cmp2ui-en.js
quantcast.mgr.consensu.org/tcfv2/23/ 		469 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/23/cmp2ui-en.js
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:3200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
587e2e7350886d6b5fd31e385638ffe5cf3331c82260e8fe76523f99cda27a42

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 19:36:45 GMT
content-encoding
br
age
112129
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Fri, 18 Dec 2020 15:09:43 GMT
server
AmazonS3
etag
W/"b999c652510fc4edd897a1d667aaee33"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
9AgcxmctmF7kjDbqyKfL_ZJmdI84hy0TMQNydFWb3cwo2n3rIZgziA==
/
audit-tcfv2.quantcast.mgr.consensu.org/ 		2 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22domain%22%3A%22subject.com.ua%22%2C%22publisher%22%3A%22%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.23%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22%22%2C%22clientTimestamp%22%3A1649558732686%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-x2lle1l9k4nx3aoakpeq%22%7D
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2ui-en.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.177.194 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-177-194.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json, text/plain, */*
Referer
https://subject.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 10 Apr 2022 02:45:32 GMT
content-length
2
content-type
text/plain; charset=utf-8
optad360.js
serving.stat-rock.com/player/ 		310 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://serving.stat-rock.com/player/optad360.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/e630b43e-4175-11e8-9881-06048607e8f8/plugin.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.101.133.2 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
nginx /
Resource Hash
1e64b2e7bfaa97b035c4f71b1d3b62bdd9d51793c15d45aa2db501c0cbe9e6e3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://subject.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 02:45:35 GMT
content-encoding
gzip
last-modified
Fri, 01 Apr 2022 11:51:27 GMT
server
nginx
etag
W/"6246e73f-4d83b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=600

Verdicts & Comments Add Verdict or Comment

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| vitag object| admixerML object| adsbygoogle function| gtag object| dataLayer number| 2f1acc6c3a606b082e5eef5e54414ffb object| google_tag_manager object| admixerJSONP function| HELPER object| core object| globalAml object| admixerAds object| globalAmlAds object| admixerLoad object| globalAmlLoad object| google_tag_data string| GoogleAnalyticsObject function| ga object| __gcse object| _VLIOBJ object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc string| google_user_agent_client_hint object| hb_dmx_res object| AdSlotCollection object| WebComponents function| __CE_installPolyfill object| ShadyCSS object| regeneratorRuntime function| getEidsByVLI string| tagApi object| viAPItag function| __tcfapi function| __uspapi boolean| _isUserInEU boolean| _isUserInUS boolean| __VLICMP object| observeElementInViewport function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run object| googleToken object| googleIMState boolean| __isGoogleAllowed object| googletag object| pbjs325474 object| gaplugins object| gaGlobal object| gaData object| $sf object| module$exports$cse$search object| module$exports$cse$CustomImageSearch object| module$exports$cse$CustomWebSearch object| google object| module$exports$cse$searchcontrol object| module$exports$cse$customsearchcontrol function| _googCsa number| nextSearchboxId function| __tcfapiui function| vlipbChunk object| vlipb object| _pbjsGlobals object| ADAGIO object| mnet string| nobidVersion object| nobid function| pbjs325474Chunk object| _google_rum_ns_ number| google_global_correlator function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent function| Splide object| viSplide number| googleNDT_ number| googleAltLoader object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| M2I2MTllMmY5YzkzOWFjbG9hZGVyX2pz string| M2I2MTllMmY5YzkzOWFjY2FjaGVkX2pz object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| default_ContributorIabTcfV2ClientJs function| __g78fHfh446__ object| scCGSHMRCache function| AdPlayerPro object| DMVAST function| playerPro

5 Cookies

Domain/Path Name / Value
subject.com.ua/ Name:
Value: store.test
subject.com.ua/ Name: __ppIdCC
Value: auvhext_xon_uw2104.5587318.6
.subject.com.ua/ Name: _ga
Value: GA1.3.1610996712.1649558732
.subject.com.ua/ Name: _gid
Value: GA1.3.922414752.1649558732
.subject.com.ua/ Name: _gat_gtag_UA_1099121_7
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.vlitag.com
audit-tcfv2.quantcast.mgr.consensu.org
cdn.admixer.net
cdn.jsdelivr.net
clients1.google.com
cmp.optad360.io
cse.google.com
fundingchoicesmessages.google.com
get.optad360.io
googleads.g.doubleclick.net
imasdk.googleapis.com
media.vlitag.com
pagead2.googlesyndication.com
quantcast.mgr.consensu.org
r1---sn-aigl6ns6.googlevideo.com
redirector.googlevideo.com
securepubads.g.doubleclick.net
services.vlitag.com
serving.stat-rock.com
stats.g.doubleclick.net
subject.com.ua
tag.vlitag.com
test.quantcast.mgr.consensu.org
www.google-analytics.com
www.google.co.uk
www.google.com
www.googleapis.com
www.googletagmanager.com
www.googletagservices.com
142.250.184.194
199.101.133.2
2600:9000:2057:4400:3:a4cd:8380:93a1
2600:9000:206f:3200:9:46dc:4700:93a1
2600:9000:206f:bc00:6:b871:4f00:93a1
2600:9000:224a:ba00:11:a4de:2580:93a1
2606:4700:10::6816:3bc7
2606:4700::6810:5814
2a00:1450:4001:800::2002
2a00:1450:4001:801::200e
2a00:1450:4001:802::200a
2a00:1450:4001:802::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:813::200e
2a00:1450:4001:827::2004
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2008
2a00:1450:4001:830::200a
2a00:1450:4001:831::200e
2a00:1450:4009:4::6
2a00:1450:400c:c01::9a
2a03:90c0:41:2801::254
3.125.177.194
31.131.26.2
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
1e1684520b8ad979cf79d9bcf1c1b699161e6e3785698d2ab91c7c58df799a88
1e64b2e7bfaa97b035c4f71b1d3b62bdd9d51793c15d45aa2db501c0cbe9e6e3
1f909843b981d3cf9ff1c6218908ab5c56ab49dadb3d548a1fc7f27559ca47b8
22d1c9dda7688f0147cc127c8e938a0a53d6005b1cc5df3f1b7d209202509cdb
22e56b7e66a75203914f5f0cb9cf1c4e95c065f101ace2189cc31de2da60f61e
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
31370f14534e5bb78d3da68b6cf0e72369feea1bd68aaeac1b61d07094aa1deb
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295
36049c04da23133636b6edfac85b5d817eed4c0febbe357ce653978cda40fe96
37bd89d0776acdb8565abd79559d140909e68570f7d74a6f0141d21aed4122f4
3921d22e340021189f986befdb097d34a4d1142b3c0a2565ef53f5d0971c1748
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
45fe766308841d0d4a2068ef014d83df899ef6623f6bb4bde509431657b1c707
49250ed8e3698633fe130e218b05ca9f44a8acb04833bd280c2ad570ffcc3cf7
50c1eb4e61aade2c0fa8f6892d3c6d8672fcf3baf1f49131d4bbb397085e156c
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57d4944ce0cbe8e3daba4cb5fcd014b2bf5d4e1d06a2bc6c24bab30eabf3109e
587e2e7350886d6b5fd31e385638ffe5cf3331c82260e8fe76523f99cda27a42
5d253c1f2c6fcbd61576ca67a936360e21f9c1945dcbbc9eda03cf177fe99079
5db53bf6a77148dae0aece6b6512e4a6bf94603af72e449a0f23ed03e8b96ff3
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e
707c74e779762b2e450b6959ae22c2c6b0b26079fffe308b6427dcf8347506f2
7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453
722c06c8a7a9b96c7f07bf888b125c0fddd0722a04dd6ff0c9f7d00b568a25db
79079035ef85018e365005353caff57c4797c437cb07f6460e77bf6477cd3805
8b8d82fe498f5dafc237759414624278fdd4d48088e21c176aa51cb651847ca7
98d456b12b8a6c3e1fcd81c680cefefbb38eaeec25d85a31757ac2417b2ff2e2
9bfafe304a1c30b94987dfdb7062074297df96db9e937288a2a186684ffd1b73
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4eb2060150d9fc24ee035cb939a77e9d386616cbb36979dce9cf9276492e1ad
b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e
b8989d7b732c756757007b57d934565e7ce80f01be8964231aeeeb1232b2b63e
bc99988433b256edb38d5589a236b5202f2c8c2c6d3ebb2938d0879a1073fd1e
be4bee1c0adb071345a1a002e7222e037388ee20c4dbfff433b80297d0d5826a
bf36b407ab26b37f8372006fe01b54fc7daaf12b7f87d4bedd0614ac7ced4283
c1c9d79d4c1f7434241f585d6cda795673e9a883999631e6889c46d6e01681b1
ca88c87f38ffc56d763162e139ec8a6eb40fa627c00c396bd0a5714b921bb737
da9da6cc08f4fae96cb11b10e093fc4d19f871c3d4b46a2a48ee7f26637b92e5
dd01d020ab3fdcfded4ebd18adb322fdd4f4fd2205ca16f6eac48de5c30fdffc
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f841c9dc420be3320e6b8940f39eb2a8474cf363cf22690557bfde374d35a2
e8a56b7248517b052849b0d606b0c402c9a147d231cfba361af5dfb5794a3766
e8e92aad85e6a1fa948b3eddc1bd02ef297129a4206295ca9c689b486ff78fe6
e992f6616816f175a22ba8089d0b07319eec138b880583531bd0bb6e9d8a3826
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ffbb794c5ad134c52830fe4d17b6fce646d8827154e9ab6f887701db234b7a88