urlscan.io logo urlscan.io
SecurityTrails logo

12baliv.com.ua Open in urlscan Pro
2606:4700:20::681a:e8f  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://12baliv.com.ua/
Effective URL: https://12baliv.com.ua/
Submission: On September 18 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 4 countries across 12 domains to perform 87 HTTP transactions. The main IP is 2606:4700:20::681a:e8f, located in United States and belongs to CLOUDFLARENET, US. The main domain is 12baliv.com.ua. The Cisco Umbrella rank of the primary domain is 948272.
TLS certificate: Issued by GTS CA 1P5 on September 16th 2022. Valid for: 3 months.
This is the only time 12baliv.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

24    2606:4700:20::681a:e8f (United States)

ASN13335 (CLOUDFLARENET, US)
12baliv.com.ua
1    139.45.197.238 (United Kingdom)

ASN9002 (RETN-AS, GB)
cdrvrs.com
1    13.32.99.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-22.fra60.r.cloudfront.net
platform-api.sharethis.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
10    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2600:9000:206e:b600:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)
buttons-config.sharethis.com
1    3.127.1.244 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-1-244.eu-central-1.compute.amazonaws.com
l.sharethis.com
2    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
6    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.com
adservice.google.co.uk
1    13.32.121.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-81.fra60.r.cloudfront.net
count-server.sharethis.com
7    2600:9000:206e:ce00:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)
platform-cdn.sharethis.com
14    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.co.uk
1    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.co.uk
8    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
Apex Domain
Subdomains		 Transfer
24 12baliv.com.ua
12baliv.com.ua — Cisco Umbrella Rank: 948272
331 KB
18 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2282
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 75
50 KB
18 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
tpc.googlesyndication.com — Cisco Umbrella Rank: 142
337 KB
11 sharethis.com
platform-api.sharethis.com — Cisco Umbrella Rank: 4671
buttons-config.sharethis.com — Cisco Umbrella Rank: 5622
l.sharethis.com — Cisco Umbrella Rank: 4493
count-server.sharethis.com — Cisco Umbrella Rank: 12247
platform-cdn.sharethis.com — Cisco Umbrella Rank: 10758
52 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
56 KB
3 gstatic.com
www.gstatic.com
15 KB
3 google.co.uk
www.google.co.uk — Cisco Umbrella Rank: 3335
adservice.google.co.uk — Cisco Umbrella Rank: 5376
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
20 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 293
fonts.googleapis.com — Cisco Umbrella Rank: 40
32 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 190
44 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 857
646 B
1 cdrvrs.com
cdrvrs.com — Cisco Umbrella Rank: 249247
454 B
87 12
Domain Requested by
24 12baliv.com.ua 1 redirects 12baliv.com.ua
14 fundingchoicesmessages.google.com pagead2.googlesyndication.com
10 pagead2.googlesyndication.com 12baliv.com.ua
pagead2.googlesyndication.com
tpc.googlesyndication.com
8 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
7 platform-cdn.sharethis.com
3 www.gstatic.com googleads.g.doubleclick.net
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.co.uk pagead2.googlesyndication.com
2 www.google.com tpc.googlesyndication.com
2 www.google-analytics.com 12baliv.com.ua
www.google-analytics.com
1 www.googletagservices.com googleads.g.doubleclick.net
1 fonts.googleapis.com googleads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.google.co.uk
1 stats.g.doubleclick.net www.google-analytics.com
1 count-server.sharethis.com platform-api.sharethis.com
1 l.sharethis.com platform-api.sharethis.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 ajax.googleapis.com 12baliv.com.ua
1 platform-api.sharethis.com 12baliv.com.ua
1 cdrvrs.com 12baliv.com.ua
87 22

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
Subject Issuer Validity Valid
*.12baliv.com.ua
GTS CA 1P5		 2022-09-16 -
2022-12-15		 3 months crt.sh
cdrvrs.com
R3		 2022-09-01 -
2022-11-30		 3 months crt.sh
sharethis.com
Amazon		 2022-06-19 -
2023-07-18		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
www.google.co.uk
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.google.co.uk
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh

This page contains 9 frames:

Primary Page: https://12baliv.com.ua/
Frame ID: DBC2937DE1377E4DC8FBF49CF76ADACD
Requests: 62 HTTP requests in this frame

Frame: https://12baliv.com.ua/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1663459200
Frame ID: 57A5DE0C4C6C0D8E84AE918724B49B1E
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20190131/zrt_lookup.html
Frame ID: E5F3601726DB162C6D1FC6142466B213
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-0003148120302839&output=html&adk=1812271804&adf=3025194257&lmt=1663472297&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2F12baliv.com.ua%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663472297097&bpp=3&bdt=508&idt=427&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7028118189216&frm=20&pv=2&ga_vid=1512120324.1663472297&ga_sid=1663472298&ga_hid=1107141386&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773746%2C31067825&oid=2&pvsid=2978740981664280&tmod=1808991259&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=837
Frame ID: 8263ADEF0C6B574BA4028205B43EA8D2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 72208260FC3361863766452303294A0C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E4AA9DE5A5068084EC6F60757512564C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1
Frame ID: 474E22A20B82B775AAD3B51C339A9BDB
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/load_preloaded_resource_fy2021.js
Frame ID: 7E5ED0524F717AAAE1F074CEA1E90AC6
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vTbTmvuxvaqY-350E8gd8IPWCIWzlft0eSoVzuBTYYo.js
Frame ID: D8AB31BA47D7D59F4DD6CBA482B141BB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ГДЗ (відповіді) 2021 - Готові домашні завдання

Page URL History Show full URLs

  1. http://12baliv.com.ua/ HTTP 301
    https://12baliv.com.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

87
Requests

100 %
HTTPS

76 %
IPv6

12
Domains

22
Subdomains

21
IPs

4
Countries

939 kB
Transfer

2262 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://12baliv.com.ua/ HTTP 301
    https://12baliv.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

87 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
12baliv.com.ua/
Redirect Chain
  • http://12baliv.com.ua/
  • https://12baliv.com.ua/
17 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://12baliv.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e84819270a4a7d9c719a86f5076e6b2236370f4a88ae847ffc0c2603f56b1f2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
74c70c3d088a5a37-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 18 Sep 2022 03:38:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rY9T17Kj%2BX%2Fl8z4s3EP70FYtFYaVuhM%2FnG3jW6NfkNg1IFvnjYi0Qwqi5WOpmvWI0NoZA7vPuYh8ZdwMwJFjETBMmzuVbsWVHlh0dtqThLDHlUEF%2Fpqz%2Fjf1Arb3Pfh4I1G2beKFZHDj21Ax"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000;
vary
Accept-Encoding

Redirect headers

CF-RAY
74c70c3bc927baa3-MXP
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sun, 18 Sep 2022 03:38:16 GMT
Expires
Sun, 18 Sep 2022 04:38:16 GMT
Location
https://12baliv.com.ua/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0LQjM2%2FL%2FPqRp0csVCFXquq4yXhPf20HLNcop4q4vx%2BUVEy8Zkr9tUvjs%2F5y%2BvUqU%2Bw7MZdtB0y9ydY2h3vFAMqY%2Bn4tVLQbIBqzpGuC7Mw9UstGJuCf%2BFoDLsHLmqOKR2t%2FnfJulAaoGLhJ"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
main.css
12baliv.com.ua/v2/css/ 		74 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://12baliv.com.ua/v2/css/main.css
Requested by
Host: 12baliv.com.ua
URL: https://12baliv.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f69f543b0ae2ed56660adab79ca8991ef94114504567ad670367cf48c745b22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 03:38:16 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
74066
cf-polished
origSize=77271
cf-bgj
minify
last-modified
Sun, 09 Jan 2022 16:08:25 GMT
server
cloudflare
etag
W/"61db0879-12dd7"
strict-transport-security
max-age=31536000;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2B%2BExeKTE6NyQtIMBWsuyA4Yn%2FDDguekvjKBku9yyuM7%2FGPP3y3y55IhukYfziMzedE09wREM54ObjO1wvb18kS0OJWhFC%2FezZ30TTtHzw%2FLnNUywY9iNoAey33IY1Z%2F2WakonIU9c8GeJbo"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
74c70c3dd8ca5a37-MXP
expires
Sun, 18 Sep 2022 07:03:50 GMT
ukrayinska-mova-8-klas-o-m-avramenko-t-v-borysyuk-o-m-pochtarenko-2021.jpg
12baliv.com.ua/images/cover/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://12baliv.com.ua/images/cover/ukrayinska-mova-8-klas-o-m-avramenko-t-v-borysyuk-o-m-pochtarenko-2021.jpg
Requested by
Host: 12baliv.com.ua
URL: https://12baliv.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dc1104102ccadc1fabbe97561f02d258d9dd02996832f807214806c1ed3a160
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 03:38:16 GMT
vary
Accept
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
73000
cf-polished
origFmt=jpeg, origSize=22026
content-disposition
inline; filename="ukrayinska-mova-8-klas-o-m-avramenko-t-v-borysyuk-o-m-pochtarenko-2021.webp"
content-length
20014
last-modified
Tue, 10 Aug 2021 20:03:59 GMT
server
cloudflare
etag
"6112dbaf-560a"
strict-transport-security
max-age=31536000;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JsFVaoWzLIUk%2Ff0lWUwIhgQI71C3KCywydEoZoTIMbb17OCcJPmy3KggI09zNdkea4oKI0NHPLNq2WUGcEVxq%2Fkgwvz3Gk8i9bh3AErl63DVmSa4ow3nzlsZTwxDxY9I6XWmP4ZaOG6kPq6m"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Sun, 18 Sep 2022 07:21:36 GMT
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
74c70c3dd8cb5a37-MXP
cf-bgj
imgq:100,h2pri
ya-doslidzhuyu-svit-4-klas-t-h-hilberh-s-s-tarnavska-n-m-pavych-2021-robochyj-zoshyt.jpg
12baliv.com.ua/images/cover/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://12baliv.com.ua/images/cover/ya-doslidzhuyu-svit-4-klas-t-h-hilberh-s-s-tarnavska-n-m-pavych-2021-robochyj-zoshyt.jpg
Requested by
Host: 12baliv.com.ua
URL: https://12baliv.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c55839714e99cdabfcb8ba18026df108ad77e381ad47aa52471d9e242e07032
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 03:38:16 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
68398
cf-polished
origSize=27996, status=webp_bigger
content-length
26114
last-modified
Tue, 10 Aug 2021 20:04:05 GMT
server
cloudflare
etag
"6112dbb5-6d5c"
strict-transport-security
max-age=31536000;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SP7fPRbo3bXRzz7B81kn%2FDlVGkHaSPcnC7FJ6%2F3ot1fn%2FfEJdXGkY5%2BpxLXg9XgofbhKfIySP%2FwQjm0otlIDboEikRvkGdIIMwJAXRsT2u7y97eQWeTcnZUoyHv8mots7aZLQxK%2BwHaJCf3S"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
expires
Sun, 18 Sep 2022 08:38:18 GMT
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
74c70c3df8dc5a37-MXP
cf-bgj
imgq:100,h2pri
anhliyska-mova-4-klas-o-d-karpyuk-2021-robochyj-zoshyt.jpg
12baliv.com.ua/images/cover/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://12baliv.com.ua/images/cover/anhliyska-mova-4-klas-o-d-karpyuk-2021-robochyj-zoshyt.jpg
Requested by
Host: 12baliv.com.ua
URL: https://12baliv.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b76e6867da8638fec6d7d9c7781a597f7d752b7f2ca04674b5501594e8c4604e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 03:38:16 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
68398
cf-polished
origSize=36070, status=webp_bigger
content-length
34918
last-modified
Tue, 10 Aug 2021 20:02:09 GMT
server
cloudflare
etag
"6112db41-8ce6"
strict-transport-security
max-age=31536000;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hgULQGYpGt1B5g5hrqDZ4x1LEaquS8jpBcsQboJPdspPExnffopdVhDCi%2FrjziUrrqaeUqCGArlbrH7tAgEBM7sDEqqngR90wjw0kA2H5E1AILqVOUuCdc9lEGLbPYd1%2FLhDq6TQV0NRjkCU"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
expires
Sun, 18 Sep 2022 08:38:18 GMT
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
74c70c3df8dd5a37-MXP
cf-bgj
imgq:100,h2pri
matematyka-4-klas-m-v-kozak-o-p-korchevska-2021-chastyna-1.jpg
12baliv.com.ua/images/cover/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://12baliv.com.ua/images/cover/matematyka-4-klas-m-v-kozak-o-p-korchevska-2021-chastyna-1.jpg
Requested by
Host: 12baliv.com.ua
URL: https://12baliv.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef90f57d61b146cfa1320f4bf351295c03db8887bae558d21d01edb4338b2c42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 03:38:16 GMT
vary
Accept
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
68398
cf-polished
origFmt=jpeg, origSize=33112
content-disposition
inline; filename="matematyka-4-klas-m-v-kozak-o-p-korchevska-2021-chastyna-1.webp"
content-length
30934
last-modified
Tue, 10 Aug 2021 20:03:18 GMT
server
cloudflare
etag
"6112db86-8158"
strict-transport-security
max-age=31536000;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x6e2Vv%2Fl8Xs%2FT3DKypA6VicGyi9gtV35IzlOyRo95oURQtmq20p%2BV%2BB8swXcVrJW5JxcsKdaHDOgcmjC29qtqTID6U%2BVk5L8g3EtVt1zoYtUEF2jDt5Ke0EUsc2Q5wDO0kIPfsWZg3BjClgP"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Sun, 18 Sep 2022 08:38:18 GMT
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
74c70c3df8de5a37-MXP
cf-bgj
imgq:100,h2pri
matematyka-4-klas-n-p-lystopad-2021-chastyna-1.jpg
12baliv.com.ua/images/cover/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://12baliv.com.ua/images/cover/matematyka-4-klas-n-p-lystopad-2021-chastyna-1.jpg
Requested by
Host: 12baliv.com.ua
URL: https://12baliv.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd468ce152c4744e0c560ae8e9d7b5facfe603acccd2fd97dfe58ec789413dcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 03:38:16 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
68398
cf-polished
origSize=25613, status=webp_bigger
content-length
24465
last-modified
Tue, 10 Aug 2021 20:03:18 GMT
server
cloudflare
etag
"6112db86-640d"
strict-transport-security
max-age=31536000;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FMmsph1RuY3vZaqDv%2FrNwIl%2BTV7E6K2wEWeuxQ3sE6eh0TH7TVyh7v5lIWW6OcxlpGy4%2F2WGCkBOzRg8eHlH%2BNIEe%2Bq8eu6Rb6tQBSda2Ueur%2BrNwmynHfgvK%2FPnKFJy66fQ59NpE14dbTjp"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
expires
Sun, 18 Sep 2022 08:38:18 GMT
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
74c70c3df8df5a37-MXP
cf-bgj
imgq:100,h2pri
matematyka-5-klas-o-s-ister-2022.jpg
12baliv.com.ua/images/cover/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://12baliv.com.ua/images/cover/matematyka-5-klas-o-s-ister-2022.jpg
Requested by
Host: 12baliv.com.ua
URL: https://12baliv.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3723ed5ddb12b9bd3a2083ff56bb72618c9b78f2a4f918d794e25b75c50786de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 03:38:16 GMT
vary
Accept
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
66439
cf-polished
origFmt=jpeg, origSize=40135
content-disposition
inline; filename="matematyka-5-klas-o-s-ister-2022.webp"
content-length
28030
last-modified
Tue, 05 Jul 2022 10:23:12 GMT
server
cloudflare
etag
"62c41110-9cc7"
strict-transport-security
max-age=31536000;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2FOcLVmAL8eCUimYxp56ioJKx4kYRwNAHH62tWK9ajyqfxH1ApxQbpeNfJAtmUcLjzoc5jH%2FKZ7Ws2%2FOx0LpgJ09bNB8ut6JXousn1%2Ft7HB4cPZULUrs35dRVfI6bUo%2B4XZaiYf2%2FltqLb6R"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Sun, 18 Sep 2022 09:10:57 GMT
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
74c70c3df8e05a37-MXP
cf-bgj
imgq:100,h2pri
email-decode.min.js
12baliv.com.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://12baliv.com.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: 12baliv.com.ua
URL: https://12baliv.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 03:38:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Sep 2022 13:38:19 GMT
server
cloudflare
etag
W/"63232acb-4d7"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V9cgo3%2FIsE5%2FHmta3QgqP2YIO617OMHEY8Zq9h5D5i%2FjC1ResHTr2bU7HdH9bAU%2B9FT5%2BrTGJa7zvWSoDKpZOCtfuvV06cQ8wNeucw1%2BUk4FN9WoZGeJYt54sftUKxp%2FiqmrrXMxyCdMxPPR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74c70c3df8db5a37-MXP
vary
Accept-Encoding
expires
Tue, 20 Sep 2022 03:38:16 GMT
4654411
cdrvrs.com/5/ 		0
454 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdrvrs.com/5/4654411
Requested by
Host: 12baliv.com.ua
URL: https://12baliv.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-trace-id
3b7947eaee15184e90f9e89f1795a72e
pragma
no-cache, no-cache
date
Sun, 18 Sep 2022 03:38:16 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
rocket-loader.min.js
12baliv.com.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://12baliv.com.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: 12baliv.com.ua
URL: https://12baliv.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 03:38:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Sep 2022 13:38:19 GMT
server
cloudflare
etag
W/"63232acb-302c"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DEoMzq3b%2FNnSGSWzEEmp4tshrXPXEgeO76yIzhh%2B6g2xMUNlbASqWVQSb%2BudKWIKk5ARVkH%2FjDgeus%2FgMzaIKSia2Dpb5PoU9txNlMY5y%2FjUF%2F8hFefml7m02yVGu1WJTzzhzbXOEfl1RqGV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74c70c3df8e15a37-MXP
vary
Accept-Encoding
expires
Tue, 20 Sep 2022 03:38:16 GMT
font-awesome.min.css
12baliv.com.ua/v2/css/ 		28 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://12baliv.com.ua/v2/css/font-awesome.min.css
Requested by
Host: 12baliv.com.ua
URL: https://12baliv.com.ua/v2/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/v2/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 03:38:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 11 Aug 2021 10:33:09 GMT
server
cloudflare
age
74065
etag
W/"6113a765-7187"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IuKGxJ0iYsWTb7ykXVTWkLO5VkBWpeoQdlox%2Ba7jlakQyyiOYZBCRFMHsL2XIpyqWlOpMINPlmcaWYCozlk7tvavNloo2c6hw9CAhl6kzquJU%2Fub3wwIjIxub8k1f0e6LbwtIIF%2FpUk%2FUEAu"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000;
cf-ray
74c70c3e69055a37-MXP
expires
Sun, 18 Sep 2022 07:03:51 GMT
wave.jpg
12baliv.com.ua/v2/images/ 		412 B
852 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://12baliv.com.ua/v2/images/wave.jpg
Requested by
Host: 12baliv.com.ua
URL: https://12baliv.com.ua/v2/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2c2014bb2a360badc8f07d2c6743bab6c0d4e02bf2b7727d18c130339c470ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/v2/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 03:38:16 GMT
vary
Accept
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
74065
cf-polished
origFmt=jpeg, origSize=1616
content-disposition
inline; filename="wave.webp"
content-length
412
last-modified
Wed, 11 Aug 2021 10:33:14 GMT
server
cloudflare
etag
"6113a76a-650"
strict-transport-security
max-age=31536000;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F1ixoxzdPu0vyi15UsLdfYc8OfRI69JPCCgZgqcsJ7M7lCe74PHYooV2C9e%2F1G2BJYR4DiJP8B4VnZXU4jLknJU1f9C30DBSaurEkEWm7fSE62D7IEf5D5%2FINMMom4WeEC7vcEXV2DBZQkPh"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Sun, 18 Sep 2022 07:03:51 GMT
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
74c70c3f195e5a37-MXP
cf-bgj
imgq:100,h2pri
bg01.png
12baliv.com.ua/v2/css/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://12baliv.com.ua/v2/css/images/bg01.png
Requested by
Host: 12baliv.com.ua
URL: https://12baliv.com.ua/v2/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e25b6c5af278b2f4cd5d3489ceca4e4b005399028f2ec975b3830024782f8dd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/v2/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 03:38:16 GMT
vary
Accept
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
74065
cf-polished
origFmt=png, origSize=6310
content-disposition
inline; filename="bg01.webp"
content-length
6126
last-modified
Wed, 11 Aug 2021 11:00:30 GMT
server
cloudflare
etag
"6113adce-18a6"
strict-transport-security
max-age=31536000;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=owH0PUxbi%2FuXMaWLspKCD%2Ftlw%2FAFXvsSjVq%2BZ1tG6nj0X%2Fjq%2BLIYw9LfteauZibAKaJmYvig4ICXreqeKs3hIy4jZXLzPqn5iIgcvNm%2FAwVrlSXJVWUhLPBGNP4I8uoco%2Bq0j5NNanFMM55u"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Sun, 18 Sep 2022 07:03:51 GMT
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
74c70c3f295f5a37-MXP
cf-bgj
imgq:100,h2pri
fontawesome-webfont.woff2
12baliv.com.ua/v2/fonts/ 		70 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://12baliv.com.ua/v2/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: 12baliv.com.ua
URL: https://12baliv.com.ua/v2/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://12baliv.com.ua/v2/css/font-awesome.min.css
Origin
https://12baliv.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 03:38:16 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 11 Aug 2021 10:33:12 GMT
server
cloudflare
etag
"6113a768-118d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5k230v7kiRFU3W7nJrGBax1MZcbPFOOTm30Rx7sorpaH%2Bq5J101Mfwp7o3CEGHNztSom9Y9kereOAt2YCsm%2FiBN5SoO7a%2F8FvP1veFOds8M1ZiE1g%2FOSdqCsSlKVz7ZsoWN6h25J7pMkPLw0"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000;
accept-ranges
bytes
cf-ray
74c70c3f29615a37-MXP
content-length
71896
sharethis.js
platform-api.sharethis.com/js/ 		190 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: 12baliv.com.ua
URL: https://12baliv.com.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-22.fra60.r.cloudfront.net
Software
/
Resource Hash
2b02c99b94bd29097fd168548bea6dfc28c9ffd3c2d751c1f375c9da902d8f63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 03:37:25 GMT
content-encoding
gzip
vary
Accept-Encoding
age
51
etag
W/"2f749-jZtDoLQECLv0cAmOiJJ6B61Kdic"
x-frame-options
SAMEORIGIN
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-amz-cf-pop
FRA60-P3
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-id
BwGystdUONXa5AB7JdC3lNd9bYrI5TN6swe6VhxwnDfqUMB2YBBM1g==
main-2.js
12baliv.com.ua/v2/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://12baliv.com.ua/v2/js/main-2.js
Requested by
Host: 12baliv.com.ua
URL: https://12baliv.com.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0108044277b1e74cdb352d1e3d31d621308f87c75e5018ffc8cd355679a9e53b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 03:38:16 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
74065
cf-polished
origSize=16014
cf-bgj
minify
last-modified
Wed, 07 Sep 2022 12:23:40 GMT
server
cloudflare
etag
W/"63188d4c-3e8e"
strict-transport-security
max-age=31536000;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oGURnQnru5l9uDREALtl%2BXJIphw5NpRhxaLNkuLEeuUEDwz1SkYQWauAri8cxEOPmRaK6YAgP2TqLdrXXfk77JXy%2BqcOFEhaEgW2bCrO6YhhqR6wVeWJPonoIbZprslZJNLQRXqojxM3ean2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=86400
cf-ray
74c70c3f698d5a37-MXP
expires
Sun, 18 Sep 2022 07:03:51 GMT
util.js
12baliv.com.ua/v2/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://12baliv.com.ua/v2/js/util.js
Requested by
Host: 12baliv.com.ua
URL: https://12baliv.com.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efcdc42a3d894e0cb7fd154aac530e146ab0886c77dfbb0d178783936dab446a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 03:38:16 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
74065
cf-bgj
minify
last-modified
Wed, 11 Aug 2021 10:33:16 GMT
server
cloudflare
etag
W/"6113a76c-1974"
strict-transport-security
max-age=31536000;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LT79cufdcgd%2FzOTuJ4DLvxssbc5sfJYA8b6z9hUouqHoNeaayauxgKROGdK7cK6bcrPiYesOBeCWXaF1dsYkPBTbwvD9ZFVnM8HAxIOnzOx7hbnd8%2BSDrq7g50kRY5KrJoVZ3V%2FJtKfbdwyN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=86400
cf-ray
74c70c3f698f5a37-MXP
expires
Sun, 18 Sep 2022 07:03:51 GMT
skel.min.js
12baliv.com.ua/v2/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://12baliv.com.ua/v2/js/skel.min.js
Requested by
Host: 12baliv.com.ua
URL: https://12baliv.com.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afa9ae8eec6cb530d00256d71c700f9f0d72d298bd50f3af7f4450aa9aed2c98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 03:38:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 11 Aug 2021 10:33:16 GMT
server
cloudflare
age
74065
etag
W/"6113a76c-237c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Jsk2EmkbFArRHcMt7TlsOTBzyRVNak41FFiT%2Bd66SL5%2BETz4ZArZIOP2FN%2BkEq9q3TWPXT21ZqKV9sbDfzPdoEJs7uEHDRGtm5JPxyqTi9cMoNy%2FbOXqBMS3Mnw64Hnj%2FaH9ZwT2Gs4Mlr0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000;
cf-ray
74c70c3f79905a37-MXP
expires
Sun, 18 Sep 2022 07:03:51 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: 12baliv.com.ua
URL: https://12baliv.com.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 02:53:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2676
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Sep 2023 02:53:40 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		168 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?ca-pub-0003148120302839
Requested by
Host: 12baliv.com.ua
URL: https://12baliv.com.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71aeface3d20b7aad7902887c467c71ccca10e4f4000f79b5e633469a743d5a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://12baliv.com.ua/
Origin
https://12baliv.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 03:38:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58032
x-xss-protection
0
server
cafe
etag
9740700531875527398
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 18 Sep 2022 03:38:16 GMT
invisible.js
12baliv.com.ua/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 57A5 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://12baliv.com.ua/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1663459200
Requested by
Host: 12baliv.com.ua
URL: https://12baliv.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fed523db980577f27edb35b5c784e08a8823e13f72038fb34ff381c0e07cc1e4

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 03:38:16 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GkAGD3BW2lHZJBagSrRvYmzlPsaGJz7Or%2FO07zFTnmEFNVmZINsYohc2dsV0kgI33xlLOGfotpV53B6hHNaL9OWedYqogH1GkY3k9oDQv6lULFCMR9piGm4EDfMg%2Fsg57WvZWFWFUmHSdpMj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
74c70c3f79915a37-MXP
pica.js
12baliv.com.ua/cdn-cgi/challenge-platform/h/b/scripts/ Frame 57A5 		24 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://12baliv.com.ua/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5708d94562b1d45a200583d06fc876202dff7abc5637e7891f15634237a9331e

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 03:38:16 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mUutWijKk7QSeyCTYZ3MRjJ%2Fz6exsj2%2Fujxsehs1lJS3%2Fi%2BF8rr5ccdYpLOpoAJdJI4qsh2eCcQrzAmdbWWhsNzVMsDWIYd6%2BJLrhEP2hPE0a7Aveo2mYyjEcWND3QpSxRMCj%2BQrZwZk6%2FaK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
74c70c4019cc5a37-MXP
59b955563ece4e001182ccf6.js
buttons-config.sharethis.com/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buttons-config.sharethis.com/js/59b955563ece4e001182ccf6.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:b600:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c48f72bac74783b6f3db0cb6a46aa8b496bf8b633391a3459c3f1a4b950cb3ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 03:38:10 GMT
content-encoding
gzip
etag
W/"5b27354f7465e53273dcfa1d226e1c03"
last-modified
Wed, 16 Dec 2020 21:01:41 GMT
server
AmazonS3
age
8
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 a01b7aca64c6d4b437b814f64422d6c8.cloudfront.net (CloudFront)
cache-control
public, max-age=60
x-amz-cf-pop
VIE50-C1
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-id
9M3hJkpZlFnrRzPwHyvtuIrDswsrvXoJY9WXLRNeHJKrwkypcUVQYQ==
pview
l.sharethis.com/ 		0
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/pview?event=pview&hostname=12baliv.com.ua&location=%2F&product=sticky-share-buttons&url=https%3A%2F%2F12baliv.com.ua%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=%D0%93%D0%94%D0%97%20(%D0%B2%D1%96%D0%B4%D0%BF%D0%BE%D0%B2%D1%96%D0%B4%D1%96)%202021%20-%20%D0%93%D0%BE%D1%82%D0%BE%D0%B2%D1%96%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D1%96%20%D0%B7%D0%B0%D0%B2%D0%B4%D0%B0%D0%BD%D0%BD%D1%8F&cms=unknown&publisher=59b955563ece4e001182ccf6&sop=true&version=st_sop.js&lang=en&description=%D0%9D%D0%B0%20%D0%BD%D0%B0%D1%88%D0%BE%D0%BC%D1%83%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%D1%96%2012%20%D0%B1%D0%B0%D0%BB%D1%96%D0%B2%20%D0%B2%D0%B8%20%D0%B7%D0%BC%D0%BE%D0%B6%D0%B5%D1%82%D0%B5%20%D0%B7%D0%BD%D0%B0%D0%B9%D1%82%D0%B8%20%D0%93%D0%94%D0%97%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D0%B4%D1%8C-%D1%8F%D0%BA%D0%BE%D0%B3%D0%BE%20%D0%BA%D0%BB%D0%B0%D1%81%D1%83.%20%D0%A2%D1%96%D0%BB%D1%8C%D0%BA%D0%B8%20%D1%8F%D0%BA%D1%96%D1%81%D0%BD%D1%96%20%D0%BF%D1%96%D0%B4%D1%80%D1%83%D1%87%D0%BD%D0%B8%D0%BA%D0%B8%20%D1%96%20%D1%80%D0%BE%D0%B7%D0%B2%27%D1%8F%D0%B7%D0%BD%D0%B8%D0%BA%D0%B8.%20%D0%94%D0%BE%D1%81%D1%82%D1%83%D0%BF%D0%BD%D1%96%20%D0%B7%20%D0%B2%D0%B0%D1%88%D0%B8%D1%85%20%D1%81%D0%BC%D0%B0%D1%80%D1%82%D1%84%D0%BE%D0%BD%D1%96%D0%B2.
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.1.244 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-1-244.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 18 Sep 2022 03:38:17 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Allow-Origin
https://12baliv.com.ua
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
1728000
Connection
keep-alive
Access-Control-Allow-Headers
*
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: 12baliv.com.ua
URL: https://12baliv.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
2177
date
Sun, 18 Sep 2022 03:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 18 Sep 2022 05:02:00 GMT
invisible.js
12baliv.com.ua/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 57A5 		46 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://12baliv.com.ua/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1663459200
Requested by
Host: 12baliv.com.ua
URL: https://12baliv.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8006b9068fa4f9ed5d1f1044f0a32ec36873667774ef13d6a287769715bbc2d7

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 03:38:17 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e5%2FgxgWAXlB15qq6DYJqktdw%2BPHk48NhS4eFuNSgdmRmtyMvkUl%2FjjjtS7rVutwFgS9jDRd7cYXQ3BKKP%2FwnqjEygjks7LDXzUp47DhNfnmbZAphWKMD7NCM7L8mY70QEWzRHa0XRMzB5AW5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
74c70c40ca225a37-MXP
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ 		346 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0003148120302839&plah=12baliv.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?ca-pub-0003148120302839
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
20cf6e44766dad4e79fbbe093d3eb2758e610d768cad06c3df0e435ada2e6655
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 03:38:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124745
x-xss-protection
0
server
cafe
etag
11770452208529506140
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 18 Sep 2022 03:38:17 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220914/r20190131/ Frame E5F3 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220914/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?ca-pub-0003148120302839
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://12baliv.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
32626
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 18:34:31 GMT
etag
9671129459699598864
expires
Sat, 01 Oct 2022 18:34:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pica.js
12baliv.com.ua/cdn-cgi/challenge-platform/h/b/scripts/ Frame 57A5 		21 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://12baliv.com.ua/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53c552678fd2d2c23f3365673c9b8a6e44a3ace4f3f463081585bea91bb54ab3

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 03:38:17 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pWgldI%2FqmK5BMaYBvGtOxOXRINkp8c5WEM5wYkFJRo2I7RdY2B7VK6QSxCLXV3VYB%2FLk2BKZhxNwpj%2FNMUbnZs0idWqXBm0pA%2F8vY77ezf4LXj%2FqJU9jBmidGCQBnJ9gMrNDXEF62eT83ho7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
74c70c414a565a37-MXP
74c70c3d088a5a37
12baliv.com.ua/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 57A5 		2 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://12baliv.com.ua/cdn-cgi/challenge-platform/h/b/cv/result/74c70c3d088a5a37
Requested by
Host: 12baliv.com.ua
URL: https://12baliv.com.ua/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1663459200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 18 Sep 2022 03:38:17 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
74c70c432b1a5a37-MXP
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TYuIVqOEI7ZI3WhX8EZ5sfJhUlVUg0A3ClcVe39yNSQ8UonEi3nxVqo1uyTc4Mo3kGmaelZ1bCw1cRBNoxqXRwM3g0Lj9jOV%2FhBVVvYjZhgZK7ts8KPp3lV3ZqOzDbCExG1AirviUaMTUr9x"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1107141386&t=pageview&_s=1&dl=https%3A%2F%2F12baliv.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%93%D0%94%D0%97%20(%D0%B2%D1%96%D0%B4%D0%BF%D0%BE%D0%B2%D1%96%D0%B4%D1%96)%202021%20-%20%D0%93%D0%BE%D1%82%D0%BE%D0%B2%D1%96%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D1%96%20%D0%B7%D0%B0%D0%B2%D0%B4%D0%B0%D0%BD%D0%BD%D1%8F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=317433235&gjid=604914158&cid=1512120324.1663472297&tid=UA-97879165-1&_gid=513751817.1663472297&_r=1&_slc=1&z=1640686876
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://12baliv.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 03:38:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://12baliv.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
get_counts
count-server.sharethis.com/v2.0/ 		421 B
776 B 		Script
General
Check archive.org
Download Go to
Full URL
https://count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2F12baliv.com.ua%2F
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-81.fra60.r.cloudfront.net
Software
/
Resource Hash
bb8026e9283944a5011b1beaf0c2be1b38a2e148df501e08f7ca66261a5e8b80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 06:47:07 GMT
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
age
75070
etag
9f1396ec063d6cb025664be32338c105
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-pop
FRA60-P1
content-length
421
apigw-requestid
Yl4IxjcuoAMESBA=
x-amz-cf-id
-uJ1juF1LmQYzN7zipUaEeemE-ytzuY1hl5xun8LgiMLxtz-7GDLaw==
facebook.svg
platform-cdn.sharethis.com/img/ 		301 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/facebook.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:ce00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 02 Sep 2022 05:08:41 GMT
via
1.1 aa98922692c099827cdae6a16b894744.cloudfront.net (CloudFront)
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
age
1376977
etag
"c6e9be45643e197ce1db1d7e24a99adc"
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
content-length
301
x-amz-cf-id
6US3KfJrHXdhk7Kc1-Ca9ucjjdBfiVwdPj41tkELnB5L4xv14JD4hA==
telegram.svg
platform-cdn.sharethis.com/img/ 		858 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/telegram.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:ce00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
03e42b95e9049816d901eabbe2a2247deda61a85972e3a50e3c8274e6c5fe39b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 03:37:10 GMT
via
1.1 aa98922692c099827cdae6a16b894744.cloudfront.net (CloudFront)
etag
"e3f5e90fa57764cd951db1b1bc688edd"
last-modified
Fri, 12 Aug 2022 01:07:51 GMT
server
AmazonS3
age
70
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
accept-ranges
bytes
x-amz-cf-pop
VIE50-C1
strict-transport-security
max-age=31536000; includeSubDomains
content-length
858
x-amz-cf-id
PTtMTbWoQwQwSa8ADScoSfD_H_6I8BFv_FlVuXu6CSgKlgYNgUwA6Q==
pinterest.svg
platform-cdn.sharethis.com/img/ 		771 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/pinterest.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:ce00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sat, 20 Aug 2022 03:57:45 GMT
via
1.1 aa98922692c099827cdae6a16b894744.cloudfront.net (CloudFront)
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
age
2504433
etag
"2b10a062e719c64b686e2e8fcdc216dc"
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
content-length
771
x-amz-cf-id
-PzRjSHI-JuuaYF3O3T6qq143wodvvrEoFQYk3yUDrojrbeCrJpGNw==
twitter.svg
platform-cdn.sharethis.com/img/ 		731 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/twitter.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:ce00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 01:05:31 GMT
via
1.1 aa98922692c099827cdae6a16b894744.cloudfront.net (CloudFront)
vary
Accept-Encoding
age
95567
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
731
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
etag
"0af2fb38987598376c99e21af17ade45"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
x-amz-cf-id
U5itxFFK-jw6phMRAtKj9rZVwUWLnX4SB9PMPdGoU73dbGeMyPtBMw==
sharethis.svg
platform-cdn.sharethis.com/img/ 		514 B
938 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/sharethis.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:ce00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sat, 10 Sep 2022 13:19:54 GMT
via
1.1 aa98922692c099827cdae6a16b894744.cloudfront.net (CloudFront)
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
age
656303
etag
"deecdaa377907db5cc1722fc831670a1"
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
content-length
514
x-amz-cf-id
UJfY2OtNqBT3uStWxKopxGzo3LnzOMmMeS_MrWVJfcq1J_M6xE5zuA==
arrow_left.svg
platform-cdn.sharethis.com/img/ 		565 B
989 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/arrow_left.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:ce00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 07 Sep 2022 22:26:54 GMT
via
1.1 aa98922692c099827cdae6a16b894744.cloudfront.net (CloudFront)
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
age
882684
etag
"b55d8d2b9321e381a3c38a4bddb74037"
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
content-length
565
x-amz-cf-id
zULBcrf0voPfs1cihaWjOEC1KYJy0t-upYcI2bzgIqYswPdO49IXzQ==
arrow_right.svg
platform-cdn.sharethis.com/img/ 		565 B
991 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/arrow_right.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:ce00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sun, 11 Sep 2022 09:21:07 GMT
via
1.1 aa98922692c099827cdae6a16b894744.cloudfront.net (CloudFront)
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
age
584231
etag
"9928d025bd5792b718ee0a185f62e67c"
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
content-length
565
x-amz-cf-id
eWCkDYwSHgFnZU4VCCLxWYZVl76y1ZYnu_oUq4Bv9-R_Vv8LZZilPg==
ca-pub-0003148120302839
fundingchoicesmessages.google.com/i/ 		104 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-0003148120302839?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0003148120302839&plah=12baliv.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1e5a7647c607690af5a9efc3cc1fa63bf9fe8df93dd973a0d607c5ea37cb8cc4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HPcE_zjG9AHOlNwilF9VwA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
script-src 'report-sample' 'nonce-HPcE_zjG9AHOlNwilF9VwA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
date
Sun, 18 Sep 2022 03:38:17 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		7 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-97879165-1&cid=1512120324.1663472297&jid=317433235&gjid=604914158&_gid=513751817.1663472297&_u=IEBAAEAAAAAAAC~&z=1086512620
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://12baliv.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 18 Sep 2022 03:38:17 GMT
content-type
text/plain
access-control-allow-origin
https://12baliv.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
74c70c3d088a5a37
12baliv.com.ua/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 57A5 		2 B
510 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://12baliv.com.ua/cdn-cgi/challenge-platform/h/b/cv/result/74c70c3d088a5a37
Requested by
Host: 12baliv.com.ua
URL: https://12baliv.com.ua/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1663459200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 18 Sep 2022 03:38:17 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
74c70c45fc2b5a37-MXP
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yPMhXwpzbvqAflXh53AxQiN6c7awXXFlRFpqgNC8AJW%2FeEHlhEmrjp%2FF5YiYgiiFVi22fYKuFuzzvdYSU4dIxxlNhMmQ4NeZRFSPGgfu9kP1VSrFL9iu9H0EHpo9z7oleObj1ZBg2f9GsYWq"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-97879165-1&cid=1512120324.1663472297&jid=317433235&_u=IEBAAEAAAAAAAC~&z=174744797
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 03:38:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-97879165-1&cid=1512120324.1663472297&jid=317433235&_u=IEBAAEAAAAAAAC~&z=174744797
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 03:38:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		218 B
646 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=12baliv.com.ua&callback=_gfp_s_&client=ca-pub-0003148120302839
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0003148120302839&plah=12baliv.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
f32a1c0abeb9d8457c98871b2b45632b7eb7233e37b2b51939ae25ccb46d7ca9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 03:38:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
202
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=12baliv.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0003148120302839&plah=12baliv.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Sep 2022 03:38:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=12baliv.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0003148120302839&plah=12baliv.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Sep 2022 03:38:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2F12baliv.com.ua%2F&tn=DIV&id=sidebar&ign=false&pw=1600&ph=1200&x=1575&y=1175
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 03:38:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 8263 		168 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-0003148120302839&output=html&adk=1812271804&adf=3025194257&lmt=1663472297&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2F12baliv.com.ua%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663472297097&bpp=3&bdt=508&idt=427&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7028118189216&frm=20&pv=2&ga_vid=1512120324.1663472297&ga_sid=1663472298&ga_hid=1107141386&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773746%2C31067825&oid=2&pvsid=2978740981664280&tmod=1808991259&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=837
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0003148120302839&plah=12baliv.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21c39e3d8d9efcd3bbbcdd4ce95feb42dc6966ff13772fd7683852b800240fdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://12baliv.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
47143
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 18 Sep 2022 03:38:18 GMT
expires
Sun, 18 Sep 2022 03:38:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220914&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0003148120302839&plah=12baliv.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8da91dbd47932ce5198cfc289ec60e769836141145a59edfc0b531704339a169
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Sep 2022 03:38:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11076
x-xss-protection
0
AGSKWxVSAIpln3C0Rf0umgt9AIw3zClHy4idBcXIQjtErd9U6lqBOAcBf7i_mRNmWxyhxlbzC7aZMF1AaXrbMHb_4dM=
fundingchoicesmessages.google.com/f/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVSAIpln3C0Rf0umgt9AIw3zClHy4idBcXIQjtErd9U6lqBOAcBf7i_mRNmWxyhxlbzC7aZMF1AaXrbMHb_4dM=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjYzNDcyMjk3LDkzOTAwMDAwMF0sIjU0Njk0OTBFLUY4MjYtNDYyNy05REY5LTM2QjUxOTY5QTE0MyIsbnVsbCxudWxsLFtudWxsLFs3XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsdHJ1ZSx0cnVlXSwiaHR0cHM6Ly8xMmJhbGl2LmNvbS51YS8iLG51bGwsW1s4LCIzbkhIUkhJWFE2dyJdLFs5LCJlbi1HQiJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.3nHHRHIXQ6w.es5.O/d=1/rs=AJlcJMzNOAilp1ZV5R57qzNwMbRoo0yo2g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a2bcdf72d250bdeb8a95ff374a53c69b1aa3c5042a307f720ed7f88239f43b92
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jup4DJvYUlVjNb2znf_9WA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
script-src 'report-sample' 'nonce-jup4DJvYUlVjNb2znf_9WA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
date
Sun, 18 Sep 2022 03:38:18 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0003148120302839&plah=12baliv.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 03:38:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 18 Sep 2022 03:38:18 GMT
AGSKWxV6G-cBNsU787h6QtJvChKGXiTfTRf-uIysjVWRvq2fTyi8UAXdowRsBxTKhekSheUhHSlAR35b7CE5I8uy8ngAwHEyOPckEDhlOeJNzyNTJUG3jtz8KQi5U6YOeR1rDVmzrYY-NQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxV6G-cBNsU787h6QtJvChKGXiTfTRf-uIysjVWRvq2fTyi8UAXdowRsBxTKhekSheUhHSlAR35b7CE5I8uy8ngAwHEyOPckEDhlOeJNzyNTJUG3jtz8KQi5U6YOeR1rDVmzrYY-NQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.3nHHRHIXQ6w.es5.O/d=1/rs=AJlcJMzNOAilp1ZV5R57qzNwMbRoo0yo2g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-SaO0I3ECa4m_gwOdvUcLjw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://12baliv.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 18 Sep 2022 03:38:18 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://12baliv.com.ua
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-SaO0I3ECa4m_gwOdvUcLjw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUPfcZhGQGTt4Sketr3Vd6Y-jEgCRsKuGE3Fcf0XkIJwZzYo-iqqgzql2b6xgWVm7ATwJ9HAoAdx_zJRR47S6jD_Z9sz9qI5U_vkRq0G1dxoGHIkCflplYCjyDt6DCFPmO7z2JtTw==
fundingchoicesmessages.google.com/f/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUPfcZhGQGTt4Sketr3Vd6Y-jEgCRsKuGE3Fcf0XkIJwZzYo-iqqgzql2b6xgWVm7ATwJ9HAoAdx_zJRR47S6jD_Z9sz9qI5U_vkRq0G1dxoGHIkCflplYCjyDt6DCFPmO7z2JtTw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjYzNDcyMjk4LDEwOTAwMDAwMF0sIjU0Njk0OTBFLUY4MjYtNDYyNy05REY5LTM2QjUxOTY5QTE0MyIsbnVsbCxudWxsLFtudWxsLFs3LDEwXSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMSwxXSwiaHR0cHM6Ly8xMmJhbGl2LmNvbS51YS8iLG51bGwsW1s4LCIzbkhIUkhJWFE2dyJdLFs5LCJlbi1HQiJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.3nHHRHIXQ6w.es5.O/d=1/rs=AJlcJMzNOAilp1ZV5R57qzNwMbRoo0yo2g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
334ac00bb000cbdfc5314b1c369d6eded0beb91cdc2976135ff9029de1e99a44
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-QwzOIvUN3d4g9DU95uHdig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-QwzOIvUN3d4g9DU95uHdig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
date
Sun, 18 Sep 2022 03:38:18 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7220 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://12baliv.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
32399
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 18:38:19 GMT
expires
Sun, 17 Sep 2023 18:38:19 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E4AA 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2cfbbc8afda62e9b27b949f6d15988efbd1992b2457ab016c41f02a5b6a4f5ce
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lADAndvZ78YbTcrDEqvP8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://12baliv.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-lADAndvZ78YbTcrDEqvP8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 18 Sep 2022 03:38:18 GMT
expires
Sun, 18 Sep 2022 03:38:18 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
vTbTmvuxvaqY-350E8gd8IPWCIWzlft0eSoVzuBTYYo.js
pagead2.googlesyndication.com/bg/ Frame 7220 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/vTbTmvuxvaqY-350E8gd8IPWCIWzlft0eSoVzuBTYYo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd36d39afbb1bdaa98fb7e7413c81df083d60885b395fb74792a15cee053618a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 18:17:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33654
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16036
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 17 Sep 2023 18:17:24 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E4AA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220914&jk=2978740981664280&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ 		149 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0003148120302839&plah=12baliv.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f557f2a3818183fbe52a22e25c4e87f55cfe14fa6496b7721c2cab6e5fb14171
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 03:38:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54572
x-xss-protection
0
server
cafe
etag
4681100350291970656
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Sep 2022 03:38:18 GMT
integrator.js
adservice.google.co.uk/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=12baliv.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0003148120302839&plah=12baliv.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Sep 2022 03:38:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=12baliv.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0003148120302839&plah=12baliv.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Sep 2022 03:38:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/ Frame 474E 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0003148120302839&plah=12baliv.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://12baliv.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
75407
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 06:41:31 GMT
etag
9671129459699598864
expires
Sat, 01 Oct 2022 06:41:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame 7220 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?FtyV2g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 03:38:18 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
css2
fonts.googleapis.com/ Frame 474E 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 18 Sep 2022 03:21:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 18 Sep 2022 03:38:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 18 Sep 2022 03:38:18 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 474E 		205 B
742 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 01:00:30 GMT
x-content-type-options
nosniff
age
9468
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 18 Sep 2023 01:00:30 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 474E 		604 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 02:13:32 GMT
x-content-type-options
nosniff
age
5086
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 18 Sep 2023 02:13:32 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/elements/html/ Frame 474E 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a29ee7f631d3e9d0982fb25160454b11de5bcebfb7197decf36bd4e735091644
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 01:25:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7963
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8202
x-xss-protection
0
server
cafe
etag
12420716543898108158
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 Oct 2022 01:25:35 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 7E5E 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 03:22:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
959
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 Oct 2022 03:22:19 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/ Frame 7E5E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 02:54:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2641
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9550
x-xss-protection
0
server
cafe
etag
715955199520789971
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 Oct 2022 02:54:17 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 7E5E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 01:36:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7323
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 Oct 2022 01:36:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 7E5E 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 03:31:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
396
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7552
x-xss-protection
0
server
cafe
etag
1588701280721430806
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 02 Oct 2022 03:31:42 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7E5E 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 03:38:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44609
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663155654979086"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 18 Sep 2022 03:38:18 GMT
b6810b6596f7ed55ed76c68d0358aca1.js
www.gstatic.com/mysidia/ Frame 7E5E 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/b6810b6596f7ed55ed76c68d0358aca1.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6480171803c66741b9d13c44e06e9817bb8f51479574044d5226cb2dc28a897
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 20:45:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
197598
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13684
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 20:14:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 14 Dec 2022 20:45:00 GMT
vTbTmvuxvaqY-350E8gd8IPWCIWzlft0eSoVzuBTYYo.js
pagead2.googlesyndication.com/bg/ Frame D8AB 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/vTbTmvuxvaqY-350E8gd8IPWCIWzlft0eSoVzuBTYYo.js
Requested by
Host: 12baliv.com.ua
URL: https://12baliv.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd36d39afbb1bdaa98fb7e7413c81df083d60885b395fb74792a15cee053618a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 18:17:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33655
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16036
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 17 Sep 2023 18:17:24 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220914&jk=2978740981664280&bg=!WFulWx_NAAZqQh0mSkI7ACkAdvg8Wlj3oIe5d0ZXC4ekwaGEpfldXGbstGiUp-nEB3rZ0K0uFerLTwIAAABVUgAAAAFoAQcKAI-ayy8NO69l-OveTmx9oJ7QJcdM6OsPUjkpeblsnh--5smn9J5847uFP1EIdG9ccCVMnznj73BZN0fnV68W7kkQ70rKq8lhLV2BMJogT6fovg6J8sKDPRnaBpYdqVLO6e4QnivUpUm-TEP1ThMUMq7Nfazm80hS9SuPaEgplWTqHcfy7jWeWj9owChP_Pxxr5kCpa71hvz5rAg8Y3jteXPko1nGSytB3VyhiVIwlAg8QVzktfSL8iS_krA3hMJ-aJXZUTIHz8IXUt5d12CGDPwNOjNmTLDg_CCZPLG8c7jj4yP_3dyQnQDB01NQ0jk_dl9yjGzvJI_9HFW_TVFEwFFlOTTurOvK2eQioCL8xVFAaRogtPIblQS93kqXR6W19jFsjb7vmo7Dxk94aMczT7oBv1p4mFn2MlMz8OehChxNARp3IzhViZY35z6to8IxqRY3gb0r2eU-gwS3sWIyLSYcxQkYh_VWyHuJqZy4XsyUQV50Vg1zquFBu4Rw0alhWw_NAZkeHKADRj6FdwDNhMuig8Ryxj4WEeDwW-iae2ypAMw-fsFBbW1uTgw7bk9Qe3gIeLqASFlqiS-7jRF0MJYKjvnLuXl8x5pM1pCrQGlFdC3gAKASq28OnfmFGiO_0ow61RsftNmd1d2T_KHuGM56gup9BWz9aUjxDdfSDkljhSzHDWMYTBUT8wfq9euNgntb3V6vknRf6ywaGKlilVjemblLmEfMDNMdeS28z2Ko6gf63TEUE5YegjugCfvggmYlP8vznLT8qx_oViNPc7MKZU0z4ByAqsXeP3SNbZldob2c4rmGf52tLqoD1hgd5TjCfmcbMwoGQFBUhsIjsJJyGltA-NMdwFG6aSU8dIQTu7FbECM299yp7S4IUULtyFG8hDWNReemJqAg_34_8WDvK0Y8fVI_dNqLhpuZwD9VDKvjZzCcYZV3cmBVV4IInU9cdxXo8J7aOv2_RI1NJ09lygmh1DinuERLXg7d-d7LEmpIs2tc87Rx5t7DUB8wTHtfs55aGLuw647QAv8OXASLaLvBe1hiy2rmIKm0E5f4mbzya7MQpfeZFLg_26gTgNY-dLBHjqqO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=6.0712820575432
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-CZ0Ix3Jd0OleJ96Fn-scUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
script-src 'report-sample' 'nonce-CZ0Ix3Jd0OleJ96Fn-scUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorServingDetectionHttp"
x-frame-options
SAMEORIGIN
date
Sun, 18 Sep 2022 03:38:19 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorServingDetectionHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingDetectionHttp/external"}]}
content-type
image/gif
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=2.4672630536586437
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fcBjHOYDt8kv5NT7pWNzEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 03:38:19 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
image/gif
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-fcBjHOYDt8kv5NT7pWNzEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUmCABNFXSVSk_BkUgD0Ogdj55ZonanISO78UhcaBqOfOvNt1UFlP5NfvZ4mj8pDNVmps2Y-QdAU1ZRSJibdBYDcV60upkJcHpp7q6hmSwczA3N9T0eu1Hv8W629c40BVx9qQWK-g==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUmCABNFXSVSk_BkUgD0Ogdj55ZonanISO78UhcaBqOfOvNt1UFlP5NfvZ4mj8pDNVmps2Y-QdAU1ZRSJibdBYDcV60upkJcHpp7q6hmSwczA3N9T0eu1Hv8W629c40BVx9qQWK-g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.3nHHRHIXQ6w.es5.O/d=1/rs=AJlcJMzNOAilp1ZV5R57qzNwMbRoo0yo2g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-k90qwv75h3rZiAlqtRMk7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://12baliv.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 18 Sep 2022 03:38:19 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
access-control-allow-origin
https://12baliv.com.ua
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
access-control-max-age
86400
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-k90qwv75h3rZiAlqtRMk7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
bg-advert-
fundingchoicesmessages.google.com/f/AGSKWxVhOzPHDaN14jQsADiK8rUbNo3VuJv62O6OA05zf6ak-MC2EyIfFzP-vxF8FtSo03h7y-afEGi7fFEMjZCBHFlyGo4TPk27gQjBN7zT1IpymWxwG68NfXyb6kTkH3Wbf9Ae_-D2H0Xdzua9HfsJ-gAqNTZDk... 		54 B
110 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVhOzPHDaN14jQsADiK8rUbNo3VuJv62O6OA05zf6ak-MC2EyIfFzP-vxF8FtSo03h7y-afEGi7fFEMjZCBHFlyGo4TPk27gQjBN7zT1IpymWxwG68NfXyb6kTkH3Wbf9Ae_-D2H0Xdzua9HfsJ-gAqNTZDkxi1SbLqgV759hcliAO3hjksXeZGyq9W/_/adv/script1./adman-/advelvet--160x400-/bg-advert-
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.3nHHRHIXQ6w.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMzNOAilp1ZV5R57qzNwMbRoo0yo2g/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cbaf3531a7932aab4ac03da5593f6deb9ba49e688166675610274d5c65ea7bba
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Fr8HaNQjyjLZ1e6AtZhiSQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 03:38:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-Fr8HaNQjyjLZ1e6AtZhiSQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
rum.js
pagead2.googlesyndication.com/pagead/js/ 		63 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.3nHHRHIXQ6w.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMzNOAilp1ZV5R57qzNwMbRoo0yo2g/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a3f858e4b91568c5d43b87869509904f5df31ec4535851c6a6bb79f72a6d378
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 02:54:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2603
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
server
cafe
etag
13507786192607039721
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sun, 18 Sep 2022 03:54:56 GMT
AGSKWxUmCABNFXSVSk_BkUgD0Ogdj55ZonanISO78UhcaBqOfOvNt1UFlP5NfvZ4mj8pDNVmps2Y-QdAU1ZRSJibdBYDcV60upkJcHpp7q6hmSwczA3N9T0eu1Hv8W629c40BVx9qQWK-g==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUmCABNFXSVSk_BkUgD0Ogdj55ZonanISO78UhcaBqOfOvNt1UFlP5NfvZ4mj8pDNVmps2Y-QdAU1ZRSJibdBYDcV60upkJcHpp7q6hmSwczA3N9T0eu1Hv8W629c40BVx9qQWK-g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.3nHHRHIXQ6w.es5.O/d=1/rs=AJlcJMzNOAilp1ZV5R57qzNwMbRoo0yo2g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fIbKQPQFhydS2eYYdOjJEg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://12baliv.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 18 Sep 2022 03:38:19 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://12baliv.com.ua
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-fIbKQPQFhydS2eYYdOjJEg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUmCABNFXSVSk_BkUgD0Ogdj55ZonanISO78UhcaBqOfOvNt1UFlP5NfvZ4mj8pDNVmps2Y-QdAU1ZRSJibdBYDcV60upkJcHpp7q6hmSwczA3N9T0eu1Hv8W629c40BVx9qQWK-g==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUmCABNFXSVSk_BkUgD0Ogdj55ZonanISO78UhcaBqOfOvNt1UFlP5NfvZ4mj8pDNVmps2Y-QdAU1ZRSJibdBYDcV60upkJcHpp7q6hmSwczA3N9T0eu1Hv8W629c40BVx9qQWK-g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.3nHHRHIXQ6w.es5.O/d=1/rs=AJlcJMzNOAilp1ZV5R57qzNwMbRoo0yo2g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-aO-PNejAGJSJvpwlF1NJ4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://12baliv.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 18 Sep 2022 03:38:19 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://12baliv.com.ua
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-aO-PNejAGJSJvpwlF1NJ4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUmCABNFXSVSk_BkUgD0Ogdj55ZonanISO78UhcaBqOfOvNt1UFlP5NfvZ4mj8pDNVmps2Y-QdAU1ZRSJibdBYDcV60upkJcHpp7q6hmSwczA3N9T0eu1Hv8W629c40BVx9qQWK-g==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUmCABNFXSVSk_BkUgD0Ogdj55ZonanISO78UhcaBqOfOvNt1UFlP5NfvZ4mj8pDNVmps2Y-QdAU1ZRSJibdBYDcV60upkJcHpp7q6hmSwczA3N9T0eu1Hv8W629c40BVx9qQWK-g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.3nHHRHIXQ6w.es5.O/d=1/rs=AJlcJMzNOAilp1ZV5R57qzNwMbRoo0yo2g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-o5wPKHsKqT5iTYqTKdUu1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://12baliv.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 18 Sep 2022 03:38:19 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://12baliv.com.ua
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-o5wPKHsKqT5iTYqTKdUu1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUmCABNFXSVSk_BkUgD0Ogdj55ZonanISO78UhcaBqOfOvNt1UFlP5NfvZ4mj8pDNVmps2Y-QdAU1ZRSJibdBYDcV60upkJcHpp7q6hmSwczA3N9T0eu1Hv8W629c40BVx9qQWK-g==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUmCABNFXSVSk_BkUgD0Ogdj55ZonanISO78UhcaBqOfOvNt1UFlP5NfvZ4mj8pDNVmps2Y-QdAU1ZRSJibdBYDcV60upkJcHpp7q6hmSwczA3N9T0eu1Hv8W629c40BVx9qQWK-g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.3nHHRHIXQ6w.es5.O/d=1/rs=AJlcJMzNOAilp1ZV5R57qzNwMbRoo0yo2g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YsZcbHGW2XHwuW4hMmzeYg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://12baliv.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 18 Sep 2022 03:38:20 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://12baliv.com.ua
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-YsZcbHGW2XHwuW4hMmzeYg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxX4dmZ34Kz-XEoLVvWxuS-ipnx0LVr8ehsRh9IRov29VY54SpDK8ti2Ykyw1aeeTFbItLSl0VrCf0JJSDPLJXe0jWi6TWrr-5juMxz6L5kMgN4suRqoNaiMfg1jJ4U88nnbnK_vNw==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxX4dmZ34Kz-XEoLVvWxuS-ipnx0LVr8ehsRh9IRov29VY54SpDK8ti2Ykyw1aeeTFbItLSl0VrCf0JJSDPLJXe0jWi6TWrr-5juMxz6L5kMgN4suRqoNaiMfg1jJ4U88nnbnK_vNw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjYzNDcyMjk5LDkzNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTAsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDEsMSxudWxsLG51bGwsMV0sImh0dHBzOi8vMTJiYWxpdi5jb20udWEvIixudWxsLFtbOCwiM25ISFJISVhRNnciXSxbOSwiZW4tR0IiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.3nHHRHIXQ6w.es5.O/d=1/rs=AJlcJMzNOAilp1ZV5R57qzNwMbRoo0yo2g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0f5108a9ff2c75eeba3b5570a01e6a4de894e0af1dd37247be59701eec64482
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Y4tpH2Blf3ARn7AqVh7cMw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://12baliv.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
script-src 'report-sample' 'nonce-Y4tpH2Blf3ARn7AqVh7cMw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
date
Sun, 18 Sep 2022 03:38:19 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXZL86fVrtHr1Cd7rUWi14xAKq_E8gdbDFyOcvFRN0pedZnfrw-7dpufgbOYZOEm8Dbxlvb95DRRyXNJ2QEppx9alCHgOrJI4fjM4QDv89uk_eqD4DAqb4vcy6ndn7WgxkIsnyyPg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXZL86fVrtHr1Cd7rUWi14xAKq_E8gdbDFyOcvFRN0pedZnfrw-7dpufgbOYZOEm8Dbxlvb95DRRyXNJ2QEppx9alCHgOrJI4fjM4QDv89uk_eqD4DAqb4vcy6ndn7WgxkIsnyyPg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.3nHHRHIXQ6w.es5.O/d=1/rs=AJlcJMzNOAilp1ZV5R57qzNwMbRoo0yo2g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-P1UzuxTb7N7mzsGZXO8OFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://12baliv.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 18 Sep 2022 03:38:20 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://12baliv.com.ua
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-P1UzuxTb7N7mzsGZXO8OFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
expires
Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| __cfQR object| adsbygoogle function| $ function| jQuery object| skel function| onorientationchange object| st object| __stdos__ boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ string| GoogleAnalyticsObject function| ga boolean| __cfRLUnblockHandlers object| lazySizes object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| gaplugins object| gaGlobal object| gaData function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run object| googleToken object| googleIMState object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| ZmEwZDdmYjAwYjliOWIxZGxvYWRlcl9qcw== string| ZmEwZDdmYjAwYjliOWIxZGNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady function| __uspapi object| __uspapiManager boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_llp number| google_lpabyc object| googletag object| _google_rum_ns_ undefined| google_rum_values boolean| 3d859a77-92e6-45e3-8aff-1cff915f3b08

8 Cookies

Domain/Path Name / Value
12baliv.com.ua/ Name: prop
Value: true
.12baliv.com.ua/ Name: _ga
Value: GA1.3.1512120324.1663472297
.12baliv.com.ua/ Name: _gid
Value: GA1.3.513751817.1663472297
.12baliv.com.ua/ Name: _gat
Value: 1
.12baliv.com.ua/ Name: __cf_bm
Value: FA1cgtMYz.x8KmlbP0ybx4nbUDhrLYyaejUY8t66N2Y-1663472297-0-ASpl85N8lPtyqHY6q1HiO3Kbh7DbUxXP9BGEfI6/FuQivgPsfaM2TMLUNImC6ugJMHcmwbV7s7GD8PrDgzRUp2NtEDTk97CrgzmEGYst0jrN0X+v54jODybPceORAbwL9w==
.12baliv.com.ua/ Name: __gads
Value: ID=6d9e549da0c9a3fa-2252137a25ce007e:T=1663472298:RT=1663472298:S=ALNI_MZKaBB3MFNULQfN3_irz0B98zm2lA
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.12baliv.com.ua/ Name: FCNEC
Value: %5B%5B%22AKsRol_4VSm_SJnY_PRbTxuYnHbG33bFtVo1ue1fZBllQDtoNzgSE_1AOFe-WrmuNv8Ft9vtQ-ziVR3Ky28WTVxTF2VjTT-HOyO5N0MiMttL-pP4TEryzV-1EyXHkF0YNJzPhCHspEAqrGQqkET_T8xTxnN4hCkjwQ%3D%3D%22%5D%2Cnull%2C%5B%5D%5D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12baliv.com.ua
adservice.google.co.uk
adservice.google.com
ajax.googleapis.com
buttons-config.sharethis.com
cdrvrs.com
count-server.sharethis.com
fonts.googleapis.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
l.sharethis.com
pagead2.googlesyndication.com
partner.googleadservices.com
platform-api.sharethis.com
platform-cdn.sharethis.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagservices.com
www.gstatic.com
13.32.121.81
13.32.99.22
139.45.197.238
172.217.16.194
2600:9000:206e:b600:c:abe:f440:93a1
2600:9000:206e:ce00:1d:85c3:6640:93a1
2606:4700:20::681a:e8f
2a00:1450:4001:802::200e
2a00:1450:4001:806::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2004
2a00:1450:4001:828::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c0c::9b
3.127.1.244
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
0108044277b1e74cdb352d1e3d31d621308f87c75e5018ffc8cd355679a9e53b
03e42b95e9049816d901eabbe2a2247deda61a85972e3a50e3c8274e6c5fe39b
1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e
1e5a7647c607690af5a9efc3cc1fa63bf9fe8df93dd973a0d607c5ea37cb8cc4
20cf6e44766dad4e79fbbe093d3eb2758e610d768cad06c3df0e435ada2e6655
21c39e3d8d9efcd3bbbcdd4ce95feb42dc6966ff13772fd7683852b800240fdd
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2b02c99b94bd29097fd168548bea6dfc28c9ffd3c2d751c1f375c9da902d8f63
2cfbbc8afda62e9b27b949f6d15988efbd1992b2457ab016c41f02a5b6a4f5ce
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
334ac00bb000cbdfc5314b1c369d6eded0beb91cdc2976135ff9029de1e99a44
3723ed5ddb12b9bd3a2083ff56bb72618c9b78f2a4f918d794e25b75c50786de
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
53c552678fd2d2c23f3365673c9b8a6e44a3ace4f3f463081585bea91bb54ab3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5708d94562b1d45a200583d06fc876202dff7abc5637e7891f15634237a9331e
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c55839714e99cdabfcb8ba18026df108ad77e381ad47aa52471d9e242e07032
5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6dc1104102ccadc1fabbe97561f02d258d9dd02996832f807214806c1ed3a160
71aeface3d20b7aad7902887c467c71ccca10e4f4000f79b5e633469a743d5a2
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
7a3f858e4b91568c5d43b87869509904f5df31ec4535851c6a6bb79f72a6d378
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
8006b9068fa4f9ed5d1f1044f0a32ec36873667774ef13d6a287769715bbc2d7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8da91dbd47932ce5198cfc289ec60e769836141145a59edfc0b531704339a169
8f69f543b0ae2ed56660adab79ca8991ef94114504567ad670367cf48c745b22
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a29ee7f631d3e9d0982fb25160454b11de5bcebfb7197decf36bd4e735091644
a2bcdf72d250bdeb8a95ff374a53c69b1aa3c5042a307f720ed7f88239f43b92
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afa9ae8eec6cb530d00256d71c700f9f0d72d298bd50f3af7f4450aa9aed2c98
b2c2014bb2a360badc8f07d2c6743bab6c0d4e02bf2b7727d18c130339c470ed
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
b76e6867da8638fec6d7d9c7781a597f7d752b7f2ca04674b5501594e8c4604e
bb8026e9283944a5011b1beaf0c2be1b38a2e148df501e08f7ca66261a5e8b80
bd36d39afbb1bdaa98fb7e7413c81df083d60885b395fb74792a15cee053618a
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c48f72bac74783b6f3db0cb6a46aa8b496bf8b633391a3459c3f1a4b950cb3ad
cbaf3531a7932aab4ac03da5593f6deb9ba49e688166675610274d5c65ea7bba
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd468ce152c4744e0c560ae8e9d7b5facfe603acccd2fd97dfe58ec789413dcd
e0f5108a9ff2c75eeba3b5570a01e6a4de894e0af1dd37247be59701eec64482
e25b6c5af278b2f4cd5d3489ceca4e4b005399028f2ec975b3830024782f8dd3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6480171803c66741b9d13c44e06e9817bb8f51479574044d5226cb2dc28a897
e84819270a4a7d9c719a86f5076e6b2236370f4a88ae847ffc0c2603f56b1f2b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef90f57d61b146cfa1320f4bf351295c03db8887bae558d21d01edb4338b2c42
efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d
efcdc42a3d894e0cb7fd154aac530e146ab0886c77dfbb0d178783936dab446a
f32a1c0abeb9d8457c98871b2b45632b7eb7233e37b2b51939ae25ccb46d7ca9
f557f2a3818183fbe52a22e25c4e87f55cfe14fa6496b7721c2cab6e5fb14171
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fed523db980577f27edb35b5c784e08a8823e13f72038fb34ff381c0e07cc1e4