urlscan.io logo urlscan.io
SecurityTrails logo

zhitlo.net.ua Open in urlscan Pro
46.4.39.158  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://zhitlo.net.ua/
Effective URL: https://zhitlo.net.ua/
Submission: On July 26 via api from KR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 3 countries across 13 domains to perform 90 HTTP transactions. The main IP is 46.4.39.158, located in Germany and belongs to HETZNER-AS, DE. The main domain is zhitlo.net.ua.
TLS certificate: Issued by R3 on June 30th 2021. Valid for: 3 months.
This is the only time zhitlo.net.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

41    46.4.39.158 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: vs03.rosrealt.ru
zhitlo.net.ua
8    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
9    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
2    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    88.212.201.210 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host210.rax.ru
counter.yadro.ru
12    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
41 zhitlo.net.ua 1 redirects zhitlo.net.ua
12 tpc.googlesyndication.com googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
8 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
8 pagead2.googlesyndication.com zhitlo.net.ua
pagead2.googlesyndication.com
tpc.googlesyndication.com
7 cdn.ampproject.org googleads.g.doubleclick.net
pagead2.googlesyndication.com
2 www.google.com 1 redirects tpc.googlesyndication.com
2 counter.yadro.ru 1 redirects zhitlo.net.ua
2 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 ssl.google-analytics.com zhitlo.net.ua
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com tpc.googlesyndication.com
1 ajax.googleapis.com tpc.googlesyndication.com
1 s0.2mdn.net tpc.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
90 16

This site contains links to these domains. Also see Links.

Domain
www.liveinternet.ru
Subject Issuer Validity Valid
zhitlo.net.ua
R3		 2021-06-30 -
2021-09-28		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
counter.yadro.ru
R3		 2021-05-29 -
2021-08-27		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-06-28 -
2021-09-20		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh

This page contains 9 frames:

Primary Page: https://zhitlo.net.ua/
Frame ID: 89B1E22C13B8406939AF053F8AF270C6
Requests: 56 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6936905335566320&output=html&h=280&slotname=9647478286&adk=3513610911&adf=3641337105&pi=t.ma~as.9647478286&w=336&lmt=1627302997&url=https%3A%2F%2Fzhitlo.net.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627302997275&bpp=20&bdt=66&idt=163&shv=r20210720&ptt=5&saldr=sa&abxe=1&correlator=254949114580&frm=20&pv=2&ga_vid=1970855916.1627302997&ga_sid=1627302997&ga_hid=516870579&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=371&ady=183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3740065587506139&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Lv65uWWhgz&p=https%3A//zhitlo.net.ua&dtd=181
Frame ID: E499F0F55882999CC796705A286258FB
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6936905335566320&output=html&h=90&slotname=8447111215&adk=2148478325&adf=1990250811&pi=t.ma~as.8447111215&w=728&lmt=1627302997&url=https%3A%2F%2Fzhitlo.net.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627302997403&bpp=3&bdt=194&idt=58&shv=r20210720&ptt=5&saldr=sa&abxe=1&prev_slotnames=9647478286&correlator=254949114580&frm=20&pv=1&ga_vid=1970855916.1627302997&ga_sid=1627302997&ga_hid=516870579&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2608&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3740065587506139&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=xkitQTGHE9&p=https%3A//zhitlo.net.ua&dtd=60
Frame ID: D1EB53B306EAB145430692B406458D65
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18444228755734590142/index.html
Frame ID: 838206DDFEA7F2DBAFBE960F985D522D
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: EDF97141765C58171A2A7043226FE7EA
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210720/r20190131/zrt_lookup.html
Frame ID: 0505FB5FB7144630F7D5ACA47FD87760
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6936905335566320&output=html&adk=1812271804&adf=3025194257&lmt=1627302998&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fzhitlo.net.ua%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627302998488&bpp=1&bdt=1279&idt=1&shv=r20210720&ptt=9&saldr=aa&abxe=1&cookie=ID%3De931c105117f625d-22707f878cc80044%3AT%3D1627302997%3ART%3D1627302997%3AS%3DALNI_MaaNv0jXfQjE1aI5dqrqrbzeMuFgQ&prev_slotnames=9647478286%2C8447111215&nras=1&correlator=254949114580&frm=20&pv=1&ga_vid=1970855916.1627302997&ga_sid=1627302997&ga_hid=516870579&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&psts=AGkb-H99AGBL6lg8NHc_3eKxqknzgonFyhLpi0UJyWiHmPxewezUwxGzDUvWGL-jQQ1h4rmetwy8lVQjqHM%2CAGkb-H_ozZNlB-tjdlZ7Ii7VHqjkhLn7g74CR8qy5gO2tSxFtDGPOAVfaRzK07UdYxwNEVYEliO0MuR5YLpqDw&pvsid=3740065587506139&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=19
Frame ID: E09F96A902CF70425C64E712C0EC115C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: D26F6840EF919887C88BB32FB96C6DBC
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D7C9B3DAD96D20876488646842E8A1FA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://zhitlo.net.ua/ HTTP 301
    https://zhitlo.net.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Page Statistics

90
Requests

100 %
HTTPS

81 %
IPv6

13
Domains

16
Subdomains

17
IPs

3
Countries

894 kB
Transfer

2159 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://zhitlo.net.ua/ HTTP 301
    https://zhitlo.net.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49
  • https://counter.yadro.ru/hit?t14.2;r;s1600*1200*24;uhttps%3A//zhitlo.net.ua/;h%u041D%u0435%u0434%u0432%u0438%u0436%u0438%u043C%u043E%u0441%u0442%u044C%20%u0432%20%u0423%u043A%u0440%u0430%u0438%u043D%u0435%20-%20%u0441%u0442%u043E%u0438%u043C%u043E%u0441%u0442%u044C%20%u043D%u0435%u0434%u0432%u0438%u0436%u0438%u043C%u043E%u0441%u0442%u0438%2C%20%u0434%u043E%u0441%u043A%u0430%20%u043E%u0431%u044A%u044F%u0432%u043B%u0435%u043D%u0438%u0439%20%u043F%u043E%20%u043D%u0435%u0434%u0432%u0438%u0436%u0438%u043C%u043E%u0441%u0442%u0438%2C%20%u0430%u0433%u0435%u043D%u0442%u0441%u0442%u0432%u0430%20%u043D%u0435%u0434%u0432%u0438%u0436%u0438%u043C%u043E%u0441%u0442%u0438;0.689743134766172 HTTP 302
  • https://counter.yadro.ru/hit?q;t14.2;r;s1600*1200*24;uhttps%3A//zhitlo.net.ua/;h%u041D%u0435%u0434%u0432%u0438%u0436%u0438%u043C%u043E%u0441%u0442%u044C%20%u0432%20%u0423%u043A%u0440%u0430%u0438%u043D%u0435%20-%20%u0441%u0442%u043E%u0438%u043C%u043E%u0441%u0442%u044C%20%u043D%u0435%u0434%u0432%u0438%u0436%u0438%u043C%u043E%u0441%u0442%u0438%2C%20%u0434%u043E%u0441%u043A%u0430%20%u043E%u0431%u044A%u044F%u0432%u043B%u0435%u043D%u0438%u0439%20%u043F%u043E%20%u043D%u0435%u0434%u0432%u0438%u0436%u0438%u043C%u043E%u0441%u0442%u0438%2C%20%u0430%u0433%u0435%u043D%u0442%u0441%u0442%u0432%u0430%20%u043D%u0435%u0434%u0432%u0438%u0436%u0438%u043C%u043E%u0441%u0442%u0438;0.689743134766172
Request Chain 74
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

90 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
zhitlo.net.ua/
Redirect Chain
  • http://zhitlo.net.ua/
  • https://zhitlo.net.ua/
30 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://zhitlo.net.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.39.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs03.rosrealt.ru
Software
nginx /
Resource Hash
4ba4bfd17d3ff5320a00bebe68ee2ff3e7b4bf8637922acf16d497e5c2db3b0d

Request headers

Host
zhitlo.net.ua
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx
Date
Mon, 26 Jul 2021 12:36:37 GMT
Content-Type
text/html; charset=cp1251
Transfer-Encoding
chunked
Connection
keep-alive
Content-Language
ru
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Mon, 26 Jul 2021 12:36:37 GMT
Content-Type
text/html
Content-Length
162
Connection
keep-alive
Location
https://zhitlo.net.ua/
zhitlo1.css
zhitlo.net.ua/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://zhitlo.net.ua/zhitlo1.css
Requested by
Host: zhitlo.net.ua
URL: https://zhitlo.net.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.39.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs03.rosrealt.ru
Software
nginx /
Resource Hash
586a6266b7730a92609788d121071fefd1c6a55a23e4751211f641d6b32f961b

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
zhitlo.net.ua
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://zhitlo.net.ua/
Connection
keep-alive
Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 12:36:37 GMT
Content-Encoding
gzip
Last-Modified
Fri, 01 Mar 2019 15:51:23 GMT
Server
nginx
ETag
W/"5c7954fb-1cac"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
ukraina.gif
zhitlo.net.ua/pics/design/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhitlo.net.ua/pics/design/ukraina.gif
Requested by
Host: zhitlo.net.ua
URL: https://zhitlo.net.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.39.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs03.rosrealt.ru
Software
nginx /
Resource Hash
34872c9fa0f562ae0034656e7142c497d388d2c754fabcf781188086b2642de2

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
zhitlo.net.ua
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://zhitlo.net.ua/
Connection
keep-alive
Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 12:36:37 GMT
Last-Modified
Fri, 29 Jan 2010 13:40:01 GMT
Server
nginx
ETag
"4b62e531-e79"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3705
home.gif
zhitlo.net.ua/pics/design/ 		82 B
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhitlo.net.ua/pics/design/home.gif
Requested by
Host: zhitlo.net.ua
URL: https://zhitlo.net.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.39.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs03.rosrealt.ru
Software
nginx /
Resource Hash
d8497763a81d61709198077984c2b231620ff4f601398349e08f554e6e5b5332

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
zhitlo.net.ua
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://zhitlo.net.ua/
Connection
keep-alive
Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 12:36:37 GMT
Last-Modified
Sun, 06 Jul 2008 14:44:46 GMT
Server
nginx
ETag
"4870da5e-52"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
82
ffffff.gif
zhitlo.net.ua/pics/design/ 		48 B
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhitlo.net.ua/pics/design/ffffff.gif
Requested by
Host: zhitlo.net.ua
URL: https://zhitlo.net.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.39.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs03.rosrealt.ru
Software
nginx /
Resource Hash
434866667775c8138a586186b8fc7cd1dc827e25575c568b98201ef588e37ecf

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
zhitlo.net.ua
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://zhitlo.net.ua/
Connection
keep-alive
Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 12:36:37 GMT
Last-Modified
Sun, 06 Jul 2008 14:47:12 GMT
Server
nginx
ETag
"4870daf0-30"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
48
contact.gif
zhitlo.net.ua/pics/design/ 		79 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhitlo.net.ua/pics/design/contact.gif
Requested by
Host: zhitlo.net.ua
URL: https://zhitlo.net.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.39.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs03.rosrealt.ru
Software
nginx /
Resource Hash
229bb3e7ee9167295a763bf0c8b01ef90d2ff869ff98feab63bb8e2e3e66f2a3

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
zhitlo.net.ua
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://zhitlo.net.ua/
Connection
keep-alive
Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 12:36:37 GMT
Last-Modified
Sun, 06 Jul 2008 14:45:42 GMT
Server
nginx
ETag
"4870da96-4f"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
79
map.gif
zhitlo.net.ua/pics/design/ 		79 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhitlo.net.ua/pics/design/map.gif
Requested by
Host: zhitlo.net.ua
URL: https://zhitlo.net.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.39.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs03.rosrealt.ru
Software
nginx /
Resource Hash
95035d7d4c1e5eb06a2164b48f3be3f938831a053a6d813704f27e4da592ce7b

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
zhitlo.net.ua
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://zhitlo.net.ua/
Connection
keep-alive
Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 12:36:37 GMT
Last-Modified
Sun, 06 Jul 2008 14:46:42 GMT
Server
nginx
ETag
"4870dad2-4f"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
79
portal_o_nedvizhimosti.gif
zhitlo.net.ua/pics/design/ 		917 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhitlo.net.ua/pics/design/portal_o_nedvizhimosti.gif
Requested by
Host: zhitlo.net.ua
URL: https://zhitlo.net.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.39.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs03.rosrealt.ru
Software
nginx /
Resource Hash
75d0a91d3f804fdc0aba52e84bc28e97f86b35635e58b9a3455d4588e05783b5

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
zhitlo.net.ua
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://zhitlo.net.ua/
Connection
keep-alive
Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 12:36:37 GMT
Last-Modified
Thu, 28 Jan 2010 08:40:07 GMT
Server
nginx
ETag
"4b614d67-395"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
917
show_ads.js
pagead2.googlesyndication.com/pagead/ 		97 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: zhitlo.net.ua
URL: https://zhitlo.net.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fb5d0db4a0e486d673deb8cdb8db8f27e3060f969f7cdd204e0923b0a71c5705
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 12:36:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35374
x-xss-protection
0
server
cafe
etag
10446470180555236043
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 26 Jul 2021 12:36:37 GMT
100_210724_1627151504_0.jpg
zhitlo.net.ua/pics/kvartira/2021/Jul/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhitlo.net.ua/pics/kvartira/2021/Jul/100_210724_1627151504_0.jpg
Requested by
Host: zhitlo.net.ua
URL: https://zhitlo.net.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.39.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs03.rosrealt.ru
Software
nginx /
Resource Hash
d139caf69121e1d3f20e11f633fb069d4fd932df80c70aee70b7b60346c9fabf

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
zhitlo.net.ua
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://zhitlo.net.ua/
Connection
keep-alive
Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 12:36:37 GMT
Last-Modified
Sat, 24 Jul 2021 18:31:44 GMT
Server
nginx
ETag
"60fc5c90-194c"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6476
100_210724_1627128590_0.jpg
zhitlo.net.ua/pics/kvartira/2021/Jul/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhitlo.net.ua/pics/kvartira/2021/Jul/100_210724_1627128590_0.jpg
Requested by
Host: zhitlo.net.ua
URL: https://zhitlo.net.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.39.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs03.rosrealt.ru
Software
nginx /
Resource Hash
bb474c32fc4bfb1f681748b8720ed685d0365a4358b04950f874a8cbe8100fa3

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
zhitlo.net.ua
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://zhitlo.net.ua/
Connection
keep-alive
Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 12:36:37 GMT
Last-Modified
Sat, 24 Jul 2021 12:09:50 GMT
Server
nginx
ETag
"60fc030e-f10"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3856
100_210723_1627043179_0.jpg
zhitlo.net.ua/pics/kvartira/2021/Jul/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhitlo.net.ua/pics/kvartira/2021/Jul/100_210723_1627043179_0.jpg
Requested by
Host: zhitlo.net.ua
URL: https://zhitlo.net.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.39.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs03.rosrealt.ru
Software
nginx /
Resource Hash
c4b0b223a205c0a3fe537e1337e44da34aa24b82d17f91d64083b50087c7afcd

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
zhitlo.net.ua
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://zhitlo.net.ua/
Connection
keep-alive
Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 12:36:37 GMT
Last-Modified
Fri, 23 Jul 2021 12:26:19 GMT
Server
nginx
ETag
"60fab56b-89f"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2207
100_210725_1627211008_0.jpg
zhitlo.net.ua/pics/dom/2021/Jul/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhitlo.net.ua/pics/dom/2021/Jul/100_210725_1627211008_0.jpg
Requested by
Host: zhitlo.net.ua
URL: https://zhitlo.net.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.39.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs03.rosrealt.ru
Software
nginx /
Resource Hash
2f7e2ffdbb0f1e67605c583adddf8aadac1e57b95a60f04f0bb60f654438e450

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
zhitlo.net.ua
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://zhitlo.net.ua/
Connection
keep-alive
Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 12:36:37 GMT
Last-Modified
Sun, 25 Jul 2021 11:03:28 GMT
Server
nginx
ETag
"60fd4500-116a"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4458
100_210723_1627054978_0.jpg
zhitlo.net.ua/pics/dom/2021/Jul/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhitlo.net.ua/pics/dom/2021/Jul/100_210723_1627054978_0.jpg
Requested by
Host: zhitlo.net.ua
URL: https://zhitlo.net.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.39.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs03.rosrealt.ru
Software
nginx /
Resource Hash
38446768ec14ee48d2be5eb1f9183c83d84ec33215efeefbed0220179ae47115

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
zhitlo.net.ua
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://zhitlo.net.ua/
Connection
keep-alive
Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 12:36:37 GMT
Last-Modified
Fri, 23 Jul 2021 15:42:59 GMT
Server
nginx
ETag
"60fae383-18cb"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6347
100_210719_1626709000_0.jpg
zhitlo.net.ua/pics/dom/2021/Jul/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhitlo.net.ua/pics/dom/2021/Jul/100_210719_1626709000_0.jpg
Requested by
Host: zhitlo.net.ua
URL: https://zhitlo.net.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.39.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs03.rosrealt.ru
Software
nginx /
Resource Hash
a522f30f253b9fc597247b129288b77d9a01cb9c7d9553be65e1cbb9eef87ad1

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
zhitlo.net.ua
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://zhitlo.net.ua/
Connection
keep-alive
Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 12:36:37 GMT
Last-Modified
Mon, 19 Jul 2021 15:36:40 GMT
Server
nginx
ETag
"60f59c08-2fa6"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12198
100_210716_1626453656_0.jpg
zhitlo.net.ua/pics/uchastok/2021/Jul/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhitlo.net.ua/pics/uchastok/2021/Jul/100_210716_1626453656_0.jpg
Requested by
Host: zhitlo.net.ua
URL: https://zhitlo.net.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.39.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs03.rosrealt.ru
Software
nginx /
Resource Hash
bcc598627984c92ff93d3e644afb0290d4eafc786657a35fecc2d1f3351f6ea0

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
zhitlo.net.ua
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://zhitlo.net.ua/
Connection
keep-alive
Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 12:36:37 GMT
Last-Modified
Fri, 16 Jul 2021 16:40:56 GMT
Server
nginx
ETag
"60f1b698-e4a"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3658
100_210707_1625689263_0.jpg
zhitlo.net.ua/pics/uchastok/2021/Jul/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhitlo.net.ua/pics/uchastok/2021/Jul/100_210707_1625689263_0.jpg
Requested by
Host: zhitlo.net.ua
URL: https://zhitlo.net.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.39.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs03.rosrealt.ru
Software
nginx /
Resource Hash
ea82ea89c721163bceb53ad360a01df3453c9fdb7814ca3de4fe59aab9481eab

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
zhitlo.net.ua
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://zhitlo.net.ua/
Connection
keep-alive
Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 12:36:37 GMT
Last-Modified
Wed, 07 Jul 2021 20:21:03 GMT
Server
nginx
ETag
"60e60caf-1db4"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7604
100_210625_1624617404_0.jpg
zhitlo.net.ua/pics/uchastok/2021/Jun/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhitlo.net.ua/pics/uchastok/2021/Jun/100_210625_1624617404_0.jpg
Requested by
Host: zhitlo.net.ua
URL: https://zhitlo.net.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.39.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs03.rosrealt.ru
Software
nginx /
Resource Hash
abdf713c9787c5644f0ae34388bb6bd25ef3c28f6cd4611b7a4d42c781615981

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
zhitlo.net.ua
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://zhitlo.net.ua/
Connection
keep-alive
Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 12:36:37 GMT
Last-Modified
Fri, 25 Jun 2021 10:36:44 GMT
Server
nginx
ETag
"60d5b1bc-106d"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4205
100_210725_1627210359_0.jpg
zhitlo.net.ua/pics/ofis/2021/Jul/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhitlo.net.ua/pics/ofis/2021/Jul/100_210725_1627210359_0.jpg
Requested by
Host: zhitlo.net.ua
URL: https://zhitlo.net.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.39.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs03.rosrealt.ru
Software
nginx /
Resource Hash
15d66e7593ebc901d4e19c4ab8207a85983b36db90c5097f43285028e3c50986

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
zhitlo.net.ua
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://zhitlo.net.ua/
Connection
keep-alive
Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 12:36:37 GMT
Last-Modified
Sun, 25 Jul 2021 10:52:39 GMT
Server
nginx
ETag
"60fd4277-b9c"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2972
100_210723_1627065792_0.jpg
zhitlo.net.ua/pics/ofis/2021/Jul/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhitlo.net.ua/pics/ofis/2021/Jul/100_210723_1627065792_0.jpg
Requested by
Host: zhitlo.net.ua
URL: https://zhitlo.net.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.39.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs03.rosrealt.ru
Software
nginx /
Resource Hash
a6f59ec271c5db409f53a0797b95ff950f879a6c86c43b18541199417b603626

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
zhitlo.net.ua
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://zhitlo.net.ua/
Connection
keep-alive
Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 12:36:37 GMT
Last-Modified
Fri, 23 Jul 2021 18:43:12 GMT
Server
nginx
ETag
"60fb0dc0-13ad"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5037
100_210722_1626986073_0.jpg
zhitlo.net.ua/pics/ofis/2021/Jul/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhitlo.net.ua/pics/ofis/2021/Jul/100_210722_1626986073_0.jpg
Requested by
Host: zhitlo.net.ua
URL: https://zhitlo.net.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.39.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs03.rosrealt.ru
Software
nginx /
Resource Hash
db0035178ba7b14c026b526a6c8f0802cd94f749ead9c3c52959b074949d6775

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
zhitlo.net.ua
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://zhitlo.net.ua/
Connection
keep-alive
Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 12:36:37 GMT
Last-Modified
Thu, 22 Jul 2021 20:34:33 GMT
Server
nginx
ETag
"60f9d659-135a"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4954
250_210620_1624185168_0.jpg
zhitlo.net.ua/foto/agentstvo/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhitlo.net.ua/foto/agentstvo/250_210620_1624185168_0.jpg
Requested by
Host: zhitlo.net.ua
URL: https://zhitlo.net.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.39.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs03.rosrealt.ru
Software
nginx /
Resource Hash
ae7a62619bc3b4cddc43c7ca236da4d4c96d37f9c6ebb6c572db6b58b35e055b

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
zhitlo.net.ua
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://zhitlo.net.ua/
Connection
keep-alive
Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 12:36:37 GMT
Last-Modified
Sun, 20 Jun 2021 10:32:48 GMT
Server
nginx
ETag
"60cf1950-4f73"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20339
9a9a9a.gif
zhitlo.net.ua/pics/design/ 		43 B
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhitlo.net.ua/pics/design/9a9a9a.gif
Requested by
Host: zhitlo.net.ua
URL: https://zhitlo.net.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.39.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs03.rosrealt.ru
Software
nginx /
Resource Hash
40660510eb1dbfc9599a6a8d6147c0a3f92e4ff99b243973d73a1687ca0e9184

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
zhitlo.net.ua
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://zhitlo.net.ua/
Connection
keep-alive
Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 12:36:37 GMT
Last-Modified
Sat, 17 Nov 2007 21:00:02 GMT
Server
nginx
ETag
"473f5652-2b"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
250_201125_1606296515_0.jpg
zhitlo.net.ua/foto/agentstvo/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhitlo.net.ua/foto/agentstvo/250_201125_1606296515_0.jpg
Requested by
Host: zhitlo.net.ua
URL: https://zhitlo.net.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.39.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs03.rosrealt.ru
Software
nginx /
Resource Hash
bffdb7440c7cfdd4141accaffa71698dfd5aa703f59ced5f5df3e13d26cce422

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
zhitlo.net.ua
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://zhitlo.net.ua/
Connection
keep-alive
Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 12:36:37 GMT
Last-Modified
Wed, 25 Nov 2020 09:28:35 GMT
Server
nginx
ETag
"5fbe23c3-28b7"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10423
250_210710_1625869286_0.jpg
zhitlo.net.ua/foto/agentstvo/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhitlo.net.ua/foto/agentstvo/250_210710_1625869286_0.jpg
Requested by
Host: zhitlo.net.ua
URL: https://zhitlo.net.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.39.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs03.rosrealt.ru
Software
nginx /
Resource Hash
855b5f654f3db428f36c685e4b3451f671f5f3702e4b9094e08657fd66cf90a2

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
zhitlo.net.ua
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://zhitlo.net.ua/
Connection
keep-alive
Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 12:36:37 GMT
Last-Modified
Fri, 09 Jul 2021 22:21:26 GMT
Server
nginx
ETag
"60e8cbe6-2644"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9796
250_210622_1624389363_0.jpg
zhitlo.net.ua/foto/agentstvo/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhitlo.net.ua/foto/agentstvo/250_210622_1624389363_0.jpg
Requested by
Host: zhitlo.net.ua
URL: https://zhitlo.net.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.39.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs03.rosrealt.ru
Software
nginx /
Resource Hash
ae7a62619bc3b4cddc43c7ca236da4d4c96d37f9c6ebb6c572db6b58b35e055b

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
zhitlo.net.ua
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://zhitlo.net.ua/
Connection
keep-alive
Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 12:36:37 GMT
Last-Modified
Tue, 22 Jun 2021 19:16:03 GMT
Server
nginx
ETag
"60d236f3-4f73"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20339
price.gif
zhitlo.net.ua/pics/design/ 		841 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhitlo.net.ua/pics/design/price.gif
Requested by
Host: zhitlo.net.ua
URL: https://zhitlo.net.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.39.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs03.rosrealt.ru
Software
nginx /
Resource Hash
e6b21bf8d99ad90791133bff8bc9a86ef4b721266721195847a7b7847d3362c0

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
zhitlo.net.ua
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://zhitlo.net.ua/
Connection
keep-alive
Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 12:36:37 GMT
Last-Modified
Thu, 28 Jan 2010 15:03:38 GMT
Server
nginx
ETag
"4b61a74a-349"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
841
agency.gif
zhitlo.net.ua/pics/design/ 		895 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhitlo.net.ua/pics/design/agency.gif
Requested by
Host: zhitlo.net.ua
URL: https://zhitlo.net.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.39.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs03.rosrealt.ru
Software
nginx /
Resource Hash
89e880fd66f858a5ae4808a9173bfea3a0846a187723d7ce8567af8a673cb83a

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
zhitlo.net.ua
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://zhitlo.net.ua/
Connection
keep-alive
Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 12:36:37 GMT
Last-Modified
Thu, 28 Jan 2010 15:07:17 GMT
Server
nginx
ETag
"4b61a825-37f"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
895
stroyinvest.gif
zhitlo.net.ua/pics/design/ 		929 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhitlo.net.ua/pics/design/stroyinvest.gif
Requested by
Host: zhitlo.net.ua
URL: https://zhitlo.net.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.39.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs03.rosrealt.ru
Software
nginx /
Resource Hash
9dd76841628302efb8818f0242e3b37f4a6d58bc3e03330bc8c01976021cdf55

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
zhitlo.net.ua
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://zhitlo.net.ua/
Connection
keep-alive
Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 12:36:37 GMT
Last-Modified
Thu, 28 Jan 2010 15:06:13 GMT
Server
nginx
ETag
"4b61a7e5-3a1"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
929
news.gif
zhitlo.net.ua/pics/design/ 		528 B
759 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhitlo.net.ua/pics/design/news.gif
Requested by
Host: zhitlo.net.ua
URL: https://zhitlo.net.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.39.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs03.rosrealt.ru
Software
nginx /
Resource Hash
5316298539fa51dc1679d662d6d76c6aed34b778ee11272b7ebd01a3965ffea9

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
zhitlo.net.ua
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://zhitlo.net.ua/
Connection
keep-alive
Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 12:36:37 GMT
Last-Modified
Sun, 06 Jul 2008 15:19:42 GMT
Server
nginx
ETag
"4870e28e-210"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
528
articles.gif
zhitlo.net.ua/pics/design/ 		621 B
852 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhitlo.net.ua/pics/design/articles.gif
Requested by
Host: zhitlo.net.ua
URL: https://zhitlo.net.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.39.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs03.rosrealt.ru
Software
nginx /
Resource Hash
092004abca0f821ea1762c4593938ba2c88f5b87ae0b9d18d01fe133997c169c

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
zhitlo.net.ua
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://zhitlo.net.ua/
Connection
keep-alive
Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 12:36:37 GMT
Last-Modified
Sun, 06 Jul 2008 15:20:32 GMT
Server
nginx
ETag
"4870e2c0-26d"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
621
my_kabinet.gif
zhitlo.net.ua/pics/design/ 		580 B
811 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhitlo.net.ua/pics/design/my_kabinet.gif
Requested by
Host: zhitlo.net.ua
URL: https://zhitlo.net.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.39.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs03.rosrealt.ru
Software
nginx /
Resource Hash
416eb9c53d2602869a54a0450aaaa1d27e0e5e42ffec1703b711b005dcba6560

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
zhitlo.net.ua
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://zhitlo.net.ua/
Connection
keep-alive
Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 12:36:37 GMT
Last-Modified
Thu, 28 Jan 2010 15:22:01 GMT
Server
nginx
ETag
"4b61ab99-244"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
580
title_vip_left.gif
zhitlo.net.ua/pics/design/ 		603 B
834 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhitlo.net.ua/pics/design/title_vip_left.gif
Requested by
Host: zhitlo.net.ua
URL: https://zhitlo.net.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.39.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs03.rosrealt.ru
Software
nginx /
Resource Hash
fefd0ae40d84c12c4525a335385222ecd20a40f34d806e254834d7a53d1857cd

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
zhitlo.net.ua
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://zhitlo.net.ua/
Connection
keep-alive
Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 12:36:37 GMT
Last-Modified
Fri, 19 Feb 2010 17:20:53 GMT
Server
nginx
ETag
"4b7ec875-25b"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
603
myregion.gif
zhitlo.net.ua/pics/design/ 		518 B
749 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhitlo.net.ua/pics/design/myregion.gif
Requested by
Host: zhitlo.net.ua
URL: https://zhitlo.net.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.39.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs03.rosrealt.ru
Software
nginx /
Resource Hash
2925f51c1a6124413697964829c638be9e72a032c89ab7b55095b0b779977b94

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
zhitlo.net.ua
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://zhitlo.net.ua/
Connection
keep-alive
Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 12:36:37 GMT
Last-Modified
Thu, 28 Jan 2010 15:28:56 GMT
Server
nginx
ETag
"4b61ad38-206"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
518
add_obyava.gif
zhitlo.net.ua/pics/design/ 		890 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhitlo.net.ua/pics/design/add_obyava.gif
Requested by
Host: zhitlo.net.ua
URL: https://zhitlo.net.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.39.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs03.rosrealt.ru
Software
nginx /
Resource Hash
ccc6054bb53c9e31e280d47e79bd836b7f296595cfa6db2a5e32da4e15bd532b

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
zhitlo.net.ua
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://zhitlo.net.ua/
Connection
keep-alive
Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 12:36:37 GMT
Last-Modified
Thu, 28 Jan 2010 19:23:06 GMT
Server
nginx
ETag
"4b61e41a-37a"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
890
add_compan.gif
zhitlo.net.ua/pics/design/ 		809 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhitlo.net.ua/pics/design/add_compan.gif
Requested by
Host: zhitlo.net.ua
URL: https://zhitlo.net.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.39.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs03.rosrealt.ru
Software
nginx /
Resource Hash
bb115c867c5b1defa54313b5c072938c6531499090923f047f489cb993ca85a6

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
zhitlo.net.ua
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://zhitlo.net.ua/
Connection
keep-alive
Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 12:36:37 GMT
Last-Modified
Thu, 28 Jan 2010 19:23:48 GMT
Server
nginx
ETag
"4b61e444-329"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
809
title_vip_company.gif
zhitlo.net.ua/pics/design/ 		383 B
614 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhitlo.net.ua/pics/design/title_vip_company.gif
Requested by
Host: zhitlo.net.ua
URL: https://zhitlo.net.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.39.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs03.rosrealt.ru
Software
nginx /
Resource Hash
43903a02f7112b62740f4d7d3dfa32a806f1d2fa744ad3f6b16798a501bf73eb

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
zhitlo.net.ua
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://zhitlo.net.ua/
Connection
keep-alive
Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 12:36:37 GMT
Last-Modified
Thu, 28 Jan 2010 15:39:08 GMT
Server
nginx
ETag
"4b61af9c-17f"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
383
ulobject.gif
zhitlo.net.ua/pics/design/ 		56 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhitlo.net.ua/pics/design/ulobject.gif
Requested by
Host: zhitlo.net.ua
URL: https://zhitlo.net.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.39.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs03.rosrealt.ru
Software
nginx /
Resource Hash
991c159bbd03f284238b505949bb0c5861f653ebd78f48c68a0db8a02097a2df

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
zhitlo.net.ua
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://zhitlo.net.ua/
Connection
keep-alive
Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 12:36:37 GMT
Last-Modified
Thu, 11 Jun 2009 08:31:16 GMT
Server
nginx
ETag
"4a30c0d4-38"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
56
eaeaea.gif
zhitlo.net.ua/pics/design/ 		43 B
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhitlo.net.ua/pics/design/eaeaea.gif
Requested by
Host: zhitlo.net.ua
URL: https://zhitlo.net.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.39.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs03.rosrealt.ru
Software
nginx /
Resource Hash
73ad452d82c77d4caa2842e8be86f5535a0c577dd7b71003ff67d6ad2a831d92

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
zhitlo.net.ua
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://zhitlo.net.ua/
Connection
keep-alive
Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 12:36:37 GMT
Last-Modified
Mon, 24 Nov 2008 17:32:00 GMT
Server
nginx
ETag
"492ae510-2b"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
header.gif
zhitlo.net.ua/pics/design/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhitlo.net.ua/pics/design/header.gif
Requested by
Host: zhitlo.net.ua
URL: https://zhitlo.net.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.39.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs03.rosrealt.ru
Software
nginx /
Resource Hash
937d880295b795c6bc6a8ed55863371efbcc890ef17fb9c0604116f6f393bcec

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
zhitlo.net.ua
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://zhitlo.net.ua/
Connection
keep-alive
Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 12:36:37 GMT
Last-Modified
Sun, 06 Jul 2008 14:39:08 GMT
Server
nginx
ETag
"4870d90c-13da"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5082
osnback.gif
zhitlo.net.ua/pics/design/ 		46 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zhitlo.net.ua/pics/design/osnback.gif
Requested by
Host: zhitlo.net.ua
URL: https://zhitlo.net.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.39.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs03.rosrealt.ru
Software
nginx /
Resource Hash
6fef75316c9aefbdae1ff0c306c82280311dff892e00aa3a326bc8614bbc81ae

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
zhitlo.net.ua
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://zhitlo.net.ua/
Connection
keep-alive
Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 12:36:37 GMT
Last-Modified
Sun, 06 Jul 2008 15:08:04 GMT
Server
nginx
ETag
"4870dfd4-2e"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
46
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/ 		250 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/show_ads_impl_with_ama_fy2019.js?client=pub-6936905335566320&plah=zhitlo.net.ua&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c83eae7a38656b387443bacfd93af203e31b66bf687c21af1ef00fab98507aef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 12:36:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95151
x-xss-protection
0
server
cafe
etag
4826816153601596757
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 26 Jul 2021 12:36:37 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: zhitlo.net.ua
URL: https://zhitlo.net.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
6883
date
Mon, 26 Jul 2021 10:41:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Mon, 26 Jul 2021 12:41:54 GMT
cookie.js
partner.googleadservices.com/gampad/ 		203 B
659 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=zhitlo.net.ua&callback=_gfp_s_&client=ca-pub-6936905335566320
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/show_ads_impl_with_ama_fy2019.js?client=pub-6936905335566320&plah=zhitlo.net.ua&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
859e64efd07b028334a09dd8f08ea2d118d63581ff14d09bddfeb2e2881ad8a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 12:36:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
193
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=zhitlo.net.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/show_ads_impl_with_ama_fy2019.js?client=pub-6936905335566320&plah=zhitlo.net.ua&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Jul 2021 12:36:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=zhitlo.net.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/show_ads_impl_with_ama_fy2019.js?client=pub-6936905335566320&plah=zhitlo.net.ua&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Jul 2021 12:36:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E499 		80 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6936905335566320&output=html&h=280&slotname=9647478286&adk=3513610911&adf=3641337105&pi=t.ma~as.9647478286&w=336&lmt=1627302997&url=https%3A%2F%2Fzhitlo.net.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627302997275&bpp=20&bdt=66&idt=163&shv=r20210720&ptt=5&saldr=sa&abxe=1&correlator=254949114580&frm=20&pv=2&ga_vid=1970855916.1627302997&ga_sid=1627302997&ga_hid=516870579&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=371&ady=183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3740065587506139&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Lv65uWWhgz&p=https%3A//zhitlo.net.ua&dtd=181
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/show_ads_impl_with_ama_fy2019.js?client=pub-6936905335566320&plah=zhitlo.net.ua&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4716a84aaf1f09ce271e52c641f1c58414a6faf06748ca4215040ef7c9dd7656
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6936905335566320&output=html&h=280&slotname=9647478286&adk=3513610911&adf=3641337105&pi=t.ma~as.9647478286&w=336&lmt=1627302997&url=https%3A%2F%2Fzhitlo.net.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627302997275&bpp=20&bdt=66&idt=163&shv=r20210720&ptt=5&saldr=sa&abxe=1&correlator=254949114580&frm=20&pv=2&ga_vid=1970855916.1627302997&ga_sid=1627302997&ga_hid=516870579&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=371&ady=183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3740065587506139&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Lv65uWWhgz&p=https%3A//zhitlo.net.ua&dtd=181
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://zhitlo.net.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://zhitlo.net.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-expose-headers
x-google-amp-ad-validated-version
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 26 Jul 2021 12:36:38 GMT
server
cafe
content-length
13630
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 26-Jul-2021 12:51:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 26 Jul 2021 12:36:38 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/show_ads_impl_with_ama_fy2019.js?client=pub-6936905335566320&plah=zhitlo.net.ua&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5073fab4fddb9f037315ac9c663dce6681b03976250cab681638dfe17475466f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 12:36:37 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627039897272555"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27998
x-xss-protection
0
expires
Mon, 26 Jul 2021 12:36:37 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame D1EB 		95 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6936905335566320&output=html&h=90&slotname=8447111215&adk=2148478325&adf=1990250811&pi=t.ma~as.8447111215&w=728&lmt=1627302997&url=https%3A%2F%2Fzhitlo.net.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627302997403&bpp=3&bdt=194&idt=58&shv=r20210720&ptt=5&saldr=sa&abxe=1&prev_slotnames=9647478286&correlator=254949114580&frm=20&pv=1&ga_vid=1970855916.1627302997&ga_sid=1627302997&ga_hid=516870579&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2608&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3740065587506139&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=xkitQTGHE9&p=https%3A//zhitlo.net.ua&dtd=60
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/show_ads_impl_with_ama_fy2019.js?client=pub-6936905335566320&plah=zhitlo.net.ua&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7e90d9957bcd67f5372cef43c15f96d0cca168f6709ecfc9ae58fd813528c68a
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18444228755734590142/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18444228755734590142/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CM6S7ojggPICFdHZ3god690FGQ&gqi=Vaz-YPPSHc6n-waLgZ3ADA&layout=/sadbundle/%24csp%253Der3%24/18444228755734590142/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6936905335566320&output=html&h=90&slotname=8447111215&adk=2148478325&adf=1990250811&pi=t.ma~as.8447111215&w=728&lmt=1627302997&url=https%3A%2F%2Fzhitlo.net.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627302997403&bpp=3&bdt=194&idt=58&shv=r20210720&ptt=5&saldr=sa&abxe=1&prev_slotnames=9647478286&correlator=254949114580&frm=20&pv=1&ga_vid=1970855916.1627302997&ga_sid=1627302997&ga_hid=516870579&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2608&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3740065587506139&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=xkitQTGHE9&p=https%3A//zhitlo.net.ua&dtd=60
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://zhitlo.net.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://zhitlo.net.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18444228755734590142/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18444228755734590142/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CM6S7ojggPICFdHZ3god690FGQ&gqi=Vaz-YPPSHc6n-waLgZ3ADA&layout=/sadbundle/%24csp%253Der3%24/18444228755734590142/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 26 Jul 2021 12:36:38 GMT
server
cafe
content-length
33851
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 26-Jul-2021 12:51:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 26 Jul 2021 12:36:38 GMT
cache-control
private
__utm.gif
ssl.google-analytics.com/r/ 		35 B
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=585417121&utmhn=zhitlo.net.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9D%D0%B5%D0%B4%D0%B2%D0%B8%D0%B6%D0%B8%D0%BC%D0%BE%D1%81%D1%82%D1%8C%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5%20-%20%D1%81%D1%82%D0%BE%D0%B8%D0%BC%D0%BE%D1%81%D1%82%D1%8C%20%D0%BD%D0%B5%D0%B4%D0%B2%D0%B8%D0%B6%D0%B8%D0%BC%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B4%D0%BE%D1%81%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%BF%D0%BE%20%D0%BD%D0%B5%D0%B4%D0%B2%D0%B8%D0%B6%D0%B8%D0%BC%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B0%D0%B3%D0%B5%D0%BD%D1%82%D1%81%D1%82%D0%B2%D0%B0%20%D0%BD%D0%B5%D0%B4%D0%B2%D0%B8%D0%B6%D0%B8%D0%BC%D0%BE%D1%81%D1%82%D0%B8&utmhid=516870579&utmr=-&utmp=%2F&utmht=1627302997476&utmac=UA-5119716-5&utmcc=__utma%3D30108660.1970855916.1627302997.1627302997.1627302997.1%3B%2B__utmz%3D30108660.1627302997.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=422631500&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAQAAAAE~
Requested by
Host: zhitlo.net.ua
URL: https://zhitlo.net.ua/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Jul 2021 12:36:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?t14.2;r;s1600*1200*24;uhttps%3A//zhitlo.net.ua/;h%u041D%u0435%u0434%u0432%u0438%u0436%u0438%u043C%u043E%u0441%u0442%u044C%20%u0432%20%u0423%u043A%u0440%u0430%u0438%u043...
  • https://counter.yadro.ru/hit?q;t14.2;r;s1600*1200*24;uhttps%3A//zhitlo.net.ua/;h%u041D%u0435%u0434%u0432%u0438%u0436%u0438%u043C%u043E%u0441%u0442%u044C%20%u0432%20%u0423%u043A%u0440%u0430%u0438%u0...
219 B
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit?q;t14.2;r;s1600*1200*24;uhttps%3A//zhitlo.net.ua/;h%u041D%u0435%u0434%u0432%u0438%u0436%u0438%u043C%u043E%u0441%u0442%u044C%20%u0432%20%u0423%u043A%u0440%u0430%u0438%u043D%u0435%20-%20%u0441%u0442%u043E%u0438%u043C%u043E%u0441%u0442%u044C%20%u043D%u0435%u0434%u0432%u0438%u0436%u0438%u043C%u043E%u0441%u0442%u0438%2C%20%u0434%u043E%u0441%u043A%u0430%20%u043E%u0431%u044A%u044F%u0432%u043B%u0435%u043D%u0438%u0439%20%u043F%u043E%20%u043D%u0435%u0434%u0432%u0438%u0436%u0438%u043C%u043E%u0441%u0442%u0438%2C%20%u0430%u0433%u0435%u043D%u0442%u0441%u0442%u0432%u0430%20%u043D%u0435%u0434%u0432%u0438%u0436%u0438%u043C%u043E%u0441%u0442%u0438;0.689743134766172
Requested by
Host: zhitlo.net.ua
URL: https://zhitlo.net.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host210.rax.ru
Software
nginx/1.17.9 /
Resource Hash
133e65735cf9995690e0cd85c3aa6eec376b92ab2c3bb42cf38a9a35e6a4550a
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Jul 2021 12:36:37 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
219
Expires
Sat, 25 Jul 2020 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 26 Jul 2021 12:36:37 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;t14.2;r;s1600*1200*24;uhttps%3A//zhitlo.net.ua/;h%u041D%u0435%u0434%u0432%u0438%u0436%u0438%u043C%u043E%u0441%u0442%u044C%20%u0432%20%u0423%u043A%u0440%u0430%u0438%u043D%u0435%20-%20%u0441%u0442%u043E%u0438%u043C%u043E%u0441%u0442%u044C%20%u043D%u0435%u0434%u0432%u0438%u0436%u0438%u043C%u043E%u0441%u0442%u0438%2C%20%u0434%u043E%u0441%u043A%u0430%20%u043E%u0431%u044A%u044F%u0432%u043B%u0435%u043D%u0438%u0439%20%u043F%u043E%20%u043D%u0435%u0434%u0432%u0438%u0436%u0438%u043C%u043E%u0441%u0442%u0438%2C%20%u0430%u0433%u0435%u043D%u0442%u0441%u0442%u0432%u0430%20%u043D%u0435%u0434%u0432%u0438%u0436%u0438%u043C%u043E%u0441%u0442%u0438;0.689743134766172
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Sat, 25 Jul 2020 21:00:00 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/ Frame D1EB 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6936905335566320&output=html&h=90&slotname=8447111215&adk=2148478325&adf=1990250811&pi=t.ma~as.8447111215&w=728&lmt=1627302997&url=https%3A%2F%2Fzhitlo.net.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627302997403&bpp=3&bdt=194&idt=58&shv=r20210720&ptt=5&saldr=sa&abxe=1&prev_slotnames=9647478286&correlator=254949114580&frm=20&pv=1&ga_vid=1970855916.1627302997&ga_sid=1627302997&ga_hid=516870579&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2608&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3740065587506139&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=xkitQTGHE9&p=https%3A//zhitlo.net.ua&dtd=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7438cd6d98fc8e372c9a87e319ab965229ce2ba37798db808c8408f791db86ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 12:25:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
644
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7622
x-xss-protection
0
server
cafe
etag
16178317465966918049
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 Aug 2021 12:25:54 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame D1EB 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6936905335566320&output=html&h=90&slotname=8447111215&adk=2148478325&adf=1990250811&pi=t.ma~as.8447111215&w=728&lmt=1627302997&url=https%3A%2F%2Fzhitlo.net.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627302997403&bpp=3&bdt=194&idt=58&shv=r20210720&ptt=5&saldr=sa&abxe=1&prev_slotnames=9647478286&correlator=254949114580&frm=20&pv=1&ga_vid=1970855916.1627302997&ga_sid=1627302997&ga_hid=516870579&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2608&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3740065587506139&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=xkitQTGHE9&p=https%3A//zhitlo.net.ua&dtd=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 12:35:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
98
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 Aug 2021 12:35:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D1EB 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6936905335566320&output=html&h=90&slotname=8447111215&adk=2148478325&adf=1990250811&pi=t.ma~as.8447111215&w=728&lmt=1627302997&url=https%3A%2F%2Fzhitlo.net.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627302997403&bpp=3&bdt=194&idt=58&shv=r20210720&ptt=5&saldr=sa&abxe=1&prev_slotnames=9647478286&correlator=254949114580&frm=20&pv=1&ga_vid=1970855916.1627302997&ga_sid=1627302997&ga_hid=516870579&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2608&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3740065587506139&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=xkitQTGHE9&p=https%3A//zhitlo.net.ua&dtd=60
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4409f886851d18b5071cc08d25845e0d959d51fd1e9eec92118d0f12a44e5eeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 12:36:38 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627039891503395"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38153
x-xss-protection
0
expires
Mon, 26 Jul 2021 12:36:38 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame D1EB 		14 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6936905335566320&output=html&h=90&slotname=8447111215&adk=2148478325&adf=1990250811&pi=t.ma~as.8447111215&w=728&lmt=1627302997&url=https%3A%2F%2Fzhitlo.net.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627302997403&bpp=3&bdt=194&idt=58&shv=r20210720&ptt=5&saldr=sa&abxe=1&prev_slotnames=9647478286&correlator=254949114580&frm=20&pv=1&ga_vid=1970855916.1627302997&ga_sid=1627302997&ga_hid=516870579&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2608&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3740065587506139&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=xkitQTGHE9&p=https%3A//zhitlo.net.ua&dtd=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 12:34:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
111
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6195
x-xss-protection
0
server
cafe
etag
10716856519410487149
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 Aug 2021 12:34:47 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18444228755734590142/ Frame 8382 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18444228755734590142/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6936905335566320&output=html&h=90&slotname=8447111215&adk=2148478325&adf=1990250811&pi=t.ma~as.8447111215&w=728&lmt=1627302997&url=https%3A%2F%2Fzhitlo.net.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627302997403&bpp=3&bdt=194&idt=58&shv=r20210720&ptt=5&saldr=sa&abxe=1&prev_slotnames=9647478286&correlator=254949114580&frm=20&pv=1&ga_vid=1970855916.1627302997&ga_sid=1627302997&ga_hid=516870579&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2608&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3740065587506139&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=xkitQTGHE9&p=https%3A//zhitlo.net.ua&dtd=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b602b9e93173b8d38027de0b9b34ab8b4d968215efdb551dc30cc3ad78889d8f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/18444228755734590142/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2111
date
Tue, 20 Jul 2021 06:59:36 GMT
expires
Wed, 20 Jul 2022 06:59:36 GMT
last-modified
Thu, 15 Apr 2021 13:41:17 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
age
538622
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame D1EB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CJMCuVaz-YI6UHtGz-wbru5fIAfzTisJjy4HUzt0N7-bz_QgQASDqt5oHYJUCoAH_hK3tA8gBCagDAcgDSKoEtAFP0Lhu482IiPSZ54n5nZ-kzREcjzw_lqaAumyP7vZ0PzjYY3Pp7orSspN1IfwCq2UfSKLBAU1w-LiPQhwVbQznGAO7rVBYuOZPc7xcxARZgLJnMTMCAYULhCceg0oqdYdFGvhIVMs3Sb7Og4xNv1i4OQukLr7Vn2u0vOiAUWo9MjuAmFyorSlxeZPPalgjKZF-pW02fgujLWk572ZnQvrhHpDnoXkKrLmNar2PFA0a496PvA7ABPSBx8L4ApIFBAgEGAGSBQQIBRgEoAYugAeS-5odqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEKXMCNIICQiA4YAQEAEYH4AKAcgLAdgTDNAVAYAXAbIXGgoYCAASFHB1Yi02OTM2OTA1MzM1NTY2MzIw&sigh=awTZ93WJ4gE&template_id=419
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6936905335566320&output=html&h=90&slotname=8447111215&adk=2148478325&adf=1990250811&pi=t.ma~as.8447111215&w=728&lmt=1627302997&url=https%3A%2F%2Fzhitlo.net.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627302997403&bpp=3&bdt=194&idt=58&shv=r20210720&ptt=5&saldr=sa&abxe=1&prev_slotnames=9647478286&correlator=254949114580&frm=20&pv=1&ga_vid=1970855916.1627302997&ga_sid=1627302997&ga_hid=516870579&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2608&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3740065587506139&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=xkitQTGHE9&p=https%3A//zhitlo.net.ua&dtd=60
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6936905335566320&output=html&h=90&slotname=8447111215&adk=2148478325&adf=1990250811&pi=t.ma~as.8447111215&w=728&lmt=1627302997&url=https%3A%2F%2Fzhitlo.net.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627302997403&bpp=3&bdt=194&idt=58&shv=r20210720&ptt=5&saldr=sa&abxe=1&prev_slotnames=9647478286&correlator=254949114580&frm=20&pv=1&ga_vid=1970855916.1627302997&ga_sid=1627302997&ga_hid=516870579&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2608&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3740065587506139&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=xkitQTGHE9&p=https%3A//zhitlo.net.ua&dtd=60
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 26 Jul 2021 12:36:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 26 Jul 2021 12:36:38 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame EDF9 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6936905335566320&output=html&h=90&slotname=8447111215&adk=2148478325&adf=1990250811&pi=t.ma~as.8447111215&w=728&lmt=1627302997&url=https%3A%2F%2Fzhitlo.net.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627302997403&bpp=3&bdt=194&idt=58&shv=r20210720&ptt=5&saldr=sa&abxe=1&prev_slotnames=9647478286&correlator=254949114580&frm=20&pv=1&ga_vid=1970855916.1627302997&ga_sid=1627302997&ga_hid=516870579&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2608&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3740065587506139&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=xkitQTGHE9&p=https%3A//zhitlo.net.ua&dtd=60
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6936905335566320&output=html&h=90&slotname=8447111215&adk=2148478325&adf=1990250811&pi=t.ma~as.8447111215&w=728&lmt=1627302997&url=https%3A%2F%2Fzhitlo.net.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627302997403&bpp=3&bdt=194&idt=58&shv=r20210720&ptt=5&saldr=sa&abxe=1&prev_slotnames=9647478286&correlator=254949114580&frm=20&pv=1&ga_vid=1970855916.1627302997&ga_sid=1627302997&ga_hid=516870579&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2608&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3740065587506139&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=xkitQTGHE9&p=https%3A//zhitlo.net.ua&dtd=60
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6936905335566320&output=html&h=90&slotname=8447111215&adk=2148478325&adf=1990250811&pi=t.ma~as.8447111215&w=728&lmt=1627302997&url=https%3A%2F%2Fzhitlo.net.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627302997403&bpp=3&bdt=194&idt=58&shv=r20210720&ptt=5&saldr=sa&abxe=1&prev_slotnames=9647478286&correlator=254949114580&frm=20&pv=1&ga_vid=1970855916.1627302997&ga_sid=1627302997&ga_hid=516870579&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2608&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3740065587506139&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=xkitQTGHE9&p=https%3A//zhitlo.net.ua&dtd=60

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 26 Jul 2021 11:42:56 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
3222
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame D1EB 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aca65e30678d3e91810174fa85f967dfa1e7d21eb5e066c77d8a651e3d24ee0b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 8382 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18444228755734590142/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 23:05:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48650
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 26 Jul 2021 23:05:48 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 8382 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18444228755734590142/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 18:31:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65125
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 26 Jul 2021 18:31:13 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 8382 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18444228755734590142/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 12:36:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 26 Jul 2021 12:36:38 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ Frame 8382 		84 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18444228755734590142/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 12:11:57 GMT
x-content-type-options
nosniff
age
1481
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
85578
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Jul 2022 12:11:57 GMT
index.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18444228755734590142/ Frame 8382 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18444228755734590142/index.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18444228755734590142/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43519ff493e619cd6e6048f06e60e055f1c1d8a386b2070def6b0034083c0d12
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
527158
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22734
x-xss-protection
0
last-modified
Thu, 15 Apr 2021 13:41:17 GMT
server
sffe
date
Tue, 20 Jul 2021 10:10:40 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 10:10:40 GMT
css
fonts.googleapis.com/ Frame 8382 		2 KB
1023 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:900i
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18444228755734590142/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
344e4913e0cbeeec693a81e84e80436df593eba6bf119f6b094005f97fdb8a5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 26 Jul 2021 12:36:38 GMT
server
ESF
date
Mon, 26 Jul 2021 12:36:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 26 Jul 2021 12:36:38 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012107130206000/ Frame E499 		188 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6936905335566320&output=html&h=280&slotname=9647478286&adk=3513610911&adf=3641337105&pi=t.ma~as.9647478286&w=336&lmt=1627302997&url=https%3A%2F%2Fzhitlo.net.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627302997275&bpp=20&bdt=66&idt=163&shv=r20210720&ptt=5&saldr=sa&abxe=1&correlator=254949114580&frm=20&pv=2&ga_vid=1970855916.1627302997&ga_sid=1627302997&ga_hid=516870579&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=371&ady=183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3740065587506139&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Lv65uWWhgz&p=https%3A//zhitlo.net.ua&dtd=181
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1caacdebd86c67f86ab89cdbd30b056a8c1141638aafdd35ec453c4bae91692b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
588460
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55160
x-xss-protection
0
server
sffe
date
Mon, 19 Jul 2021 17:08:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b724d3ee8cec1601"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Jul 2022 17:08:58 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012107130206000/v0/ Frame E499 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012107130206000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6936905335566320&output=html&h=280&slotname=9647478286&adk=3513610911&adf=3641337105&pi=t.ma~as.9647478286&w=336&lmt=1627302997&url=https%3A%2F%2Fzhitlo.net.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627302997275&bpp=20&bdt=66&idt=163&shv=r20210720&ptt=5&saldr=sa&abxe=1&correlator=254949114580&frm=20&pv=2&ga_vid=1970855916.1627302997&ga_sid=1627302997&ga_hid=516870579&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=371&ady=183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3740065587506139&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Lv65uWWhgz&p=https%3A//zhitlo.net.ua&dtd=181
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b16e9c1da7045c9057350282766a114be2070b065e5e8a42ae635d0610ba6d0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
588460
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4795
x-xss-protection
0
server
sffe
date
Mon, 19 Jul 2021 17:08:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"392d0f0d5f27c169"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Jul 2022 17:08:58 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012107130206000/v0/ Frame E499 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012107130206000/v0/amp-analytics-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6936905335566320&output=html&h=280&slotname=9647478286&adk=3513610911&adf=3641337105&pi=t.ma~as.9647478286&w=336&lmt=1627302997&url=https%3A%2F%2Fzhitlo.net.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627302997275&bpp=20&bdt=66&idt=163&shv=r20210720&ptt=5&saldr=sa&abxe=1&correlator=254949114580&frm=20&pv=2&ga_vid=1970855916.1627302997&ga_sid=1627302997&ga_hid=516870579&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=371&ady=183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3740065587506139&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Lv65uWWhgz&p=https%3A//zhitlo.net.ua&dtd=181
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
faf5e994ddbada86a873b5d14c1bc0f449a097e61e6fbe0c04e0691b70ec5644
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
588460
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27843
x-xss-protection
0
server
sffe
date
Mon, 19 Jul 2021 17:08:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f120bcb28bbafed0"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Jul 2022 17:08:58 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012107130206000/v0/ Frame E499 		71 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012107130206000/v0/amp-animation-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6936905335566320&output=html&h=280&slotname=9647478286&adk=3513610911&adf=3641337105&pi=t.ma~as.9647478286&w=336&lmt=1627302997&url=https%3A%2F%2Fzhitlo.net.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627302997275&bpp=20&bdt=66&idt=163&shv=r20210720&ptt=5&saldr=sa&abxe=1&correlator=254949114580&frm=20&pv=2&ga_vid=1970855916.1627302997&ga_sid=1627302997&ga_hid=516870579&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=371&ady=183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3740065587506139&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Lv65uWWhgz&p=https%3A//zhitlo.net.ua&dtd=181
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3039e343bc61cc16fc587e063d92cf190c34823df58e3fe5caf5717198a49fc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
588460
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16734
x-xss-protection
0
server
sffe
date
Mon, 19 Jul 2021 17:08:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b05480813bd9b7e9"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Jul 2022 17:08:58 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012107130206000/v0/ Frame E499 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012107130206000/v0/amp-fit-text-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6936905335566320&output=html&h=280&slotname=9647478286&adk=3513610911&adf=3641337105&pi=t.ma~as.9647478286&w=336&lmt=1627302997&url=https%3A%2F%2Fzhitlo.net.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627302997275&bpp=20&bdt=66&idt=163&shv=r20210720&ptt=5&saldr=sa&abxe=1&correlator=254949114580&frm=20&pv=2&ga_vid=1970855916.1627302997&ga_sid=1627302997&ga_hid=516870579&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=371&ady=183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3740065587506139&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Lv65uWWhgz&p=https%3A//zhitlo.net.ua&dtd=181
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d398520ac47945ab429cf02b444202f4db1cf7fee5b5335cf98fb009ce56ab8e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
588460
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1658
x-xss-protection
0
server
sffe
date
Mon, 19 Jul 2021 17:08:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6fba3cabb8cd86f8"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Jul 2022 17:08:58 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012107130206000/v0/ Frame E499 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012107130206000/v0/amp-form-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6936905335566320&output=html&h=280&slotname=9647478286&adk=3513610911&adf=3641337105&pi=t.ma~as.9647478286&w=336&lmt=1627302997&url=https%3A%2F%2Fzhitlo.net.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627302997275&bpp=20&bdt=66&idt=163&shv=r20210720&ptt=5&saldr=sa&abxe=1&correlator=254949114580&frm=20&pv=2&ga_vid=1970855916.1627302997&ga_sid=1627302997&ga_hid=516870579&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=371&ady=183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3740065587506139&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Lv65uWWhgz&p=https%3A//zhitlo.net.ua&dtd=181
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29d096500cc94cbe347c613cb34199c274da1fe8b5df04fdb49ee75ace5edbec
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
588460
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/amphtml-china-available
date
Mon, 19 Jul 2021 17:08:58 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12840
x-xss-protection
0
server
sffe
etag
"6d4edf2414c2591f"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Jul 2022 17:08:58 GMT
ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E499 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ru.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6936905335566320&output=html&h=280&slotname=9647478286&adk=3513610911&adf=3641337105&pi=t.ma~as.9647478286&w=336&lmt=1627302997&url=https%3A%2F%2Fzhitlo.net.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627302997275&bpp=20&bdt=66&idt=163&shv=r20210720&ptt=5&saldr=sa&abxe=1&correlator=254949114580&frm=20&pv=2&ga_vid=1970855916.1627302997&ga_sid=1627302997&ga_hid=516870579&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=371&ady=183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3740065587506139&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Lv65uWWhgz&p=https%3A//zhitlo.net.ua&dtd=181
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Jul 2021 04:02:35 GMT
x-content-type-options
nosniff
server
cafe
age
30843
etag
6726277462267614359
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3041
x-xss-protection
0
expires
Tue, 27 Jul 2021 04:02:35 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E499 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6936905335566320&output=html&h=280&slotname=9647478286&adk=3513610911&adf=3641337105&pi=t.ma~as.9647478286&w=336&lmt=1627302997&url=https%3A%2F%2Fzhitlo.net.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627302997275&bpp=20&bdt=66&idt=163&shv=r20210720&ptt=5&saldr=sa&abxe=1&correlator=254949114580&frm=20&pv=2&ga_vid=1970855916.1627302997&ga_sid=1627302997&ga_hid=516870579&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=371&ady=183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3740065587506139&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Lv65uWWhgz&p=https%3A//zhitlo.net.ua&dtd=181
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 25 Jul 2021 22:40:25 GMT
x-content-type-options
nosniff
server
cafe
age
50173
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Mon, 26 Jul 2021 22:40:25 GMT
truncated
/ Frame E499 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9681761d8a3dab8f3c73799b4109a7c13523e6b647987e0df0bde57edc35ba04

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
banner.png
tpc.googlesyndication.com/sadbundle/17620207512086270363/img/ Frame E499 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/17620207512086270363/img/banner.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6936905335566320&output=html&h=280&slotname=9647478286&adk=3513610911&adf=3641337105&pi=t.ma~as.9647478286&w=336&lmt=1627302997&url=https%3A%2F%2Fzhitlo.net.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627302997275&bpp=20&bdt=66&idt=163&shv=r20210720&ptt=5&saldr=sa&abxe=1&correlator=254949114580&frm=20&pv=2&ga_vid=1970855916.1627302997&ga_sid=1627302997&ga_hid=516870579&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=371&ady=183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3740065587506139&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Lv65uWWhgz&p=https%3A//zhitlo.net.ua&dtd=181
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90de19ec920fb510d111757bc7b3195aa4993ce277c81a425bfcb8cf2db61cef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 06:59:29 GMT
x-content-type-options
nosniff
age
538629
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27722
x-xss-protection
0
last-modified
Tue, 20 Apr 2021 01:25:46 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 06:59:29 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame EDF9
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6936905335566320&output=html&h=90&slotname=8447111215&adk=2148478325&adf=1990250811&pi=t.ma~as.8447111215&w=728&lmt=1627302997&url=https%3A%2F%2Fzhitlo.net.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627302997403&bpp=3&bdt=194&idt=58&shv=r20210720&ptt=5&saldr=sa&abxe=1&prev_slotnames=9647478286&correlator=254949114580&frm=20&pv=1&ga_vid=1970855916.1627302997&ga_sid=1627302997&ga_hid=516870579&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2608&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3740065587506139&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=xkitQTGHE9&p=https%3A//zhitlo.net.ua&dtd=60
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmcTQ987utrD3wUYRuZxN46PuVMg4YjyBgIzrvVb65cMWInk4hpPb-FuKIJqmQ; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 26 Jul 2021 12:36:38 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Mon, 26-Jul-2021 13:36:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 26 Jul 2021 12:36:38 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 26 Jul 2021 12:36:38 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
amp4ads-host-v0.js
cdn.ampproject.org/rtv/012107130206000/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012107130206000/amp4ads-host-v0.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/show_ads_impl_with_ama_fy2019.js?client=pub-6936905335566320&plah=zhitlo.net.ua&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a006f761f2e0c4fba274fc59af60f790a4050525cd5c2d021112605ca5e8fb87
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
588458
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7340
x-xss-protection
0
server
sffe
date
Mon, 19 Jul 2021 17:09:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"231829aeddfa638c"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Jul 2022 17:09:00 GMT
KFOjCnqEu92Fr1Mu51TLBCc6CsQ.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 8382 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOjCnqEu92Fr1Mu51TLBCc6CsQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:900i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f2778667ce7da721e201618eac589ac1a32af6b43c246675826a8d728eb902b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 10:03:57 GMT
x-content-type-options
nosniff
age
527561
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17540
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:11:03 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 10:03:57 GMT
c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js
pagead2.googlesyndication.com/bg/ Frame 8382 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
738ddea232874c82239c237498e051aeade604c081fcc45fe80776113f8c4a14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 12:35:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
54
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13164
x-xss-protection
0
last-modified
Wed, 14 Jul 2021 07:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 26 Jul 2022 12:35:44 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		136 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66cdff38cb08f85a490fd345492e61d87b68d490d2dbf6f512e527effbb59d49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 12:36:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49252
x-xss-protection
0
server
cafe
etag
16470596267318169622
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 26 Jul 2021 12:36:38 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210720&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/show_ads_impl_with_ama_fy2019.js?client=pub-6936905335566320&plah=zhitlo.net.ua&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dd6ee6fafde36a995d7e4c8dd14c46be50b5963209149f08441d62be7eda966c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Jul 2021 12:36:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8424
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/show_ads_impl_with_ama_fy2019.js?client=pub-6936905335566320&plah=zhitlo.net.ua&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 12:36:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Mon, 26 Jul 2021 12:36:38 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210720/r20190131/ Frame 0505 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210720/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d1310353e02e0a006b79b7d607131cb6d9411543a8957b772f565816fdf3ce4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210720/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://zhitlo.net.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmcTQ987utrD3wUYRuZxN46PuVMg4YjyBgIzrvVb65cMWInk4hpPb-FuKIJqmQ; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://zhitlo.net.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 26 Jul 2021 01:27:57 GMT
expires
Mon, 09 Aug 2021 01:27:57 GMT
content-type
text/html; charset=UTF-8
etag
4389807852502320046
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4579
x-xss-protection
0
age
40121
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=zhitlo.net.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/show_ads_impl_with_ama_fy2019.js?client=pub-6936905335566320&plah=zhitlo.net.ua&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Jul 2021 12:36:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=zhitlo.net.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/show_ads_impl_with_ama_fy2019.js?client=pub-6936905335566320&plah=zhitlo.net.ua&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Jul 2021 12:36:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E09F 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6936905335566320&output=html&adk=1812271804&adf=3025194257&lmt=1627302998&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fzhitlo.net.ua%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627302998488&bpp=1&bdt=1279&idt=1&shv=r20210720&ptt=9&saldr=aa&abxe=1&cookie=ID%3De931c105117f625d-22707f878cc80044%3AT%3D1627302997%3ART%3D1627302997%3AS%3DALNI_MaaNv0jXfQjE1aI5dqrqrbzeMuFgQ&prev_slotnames=9647478286%2C8447111215&nras=1&correlator=254949114580&frm=20&pv=1&ga_vid=1970855916.1627302997&ga_sid=1627302997&ga_hid=516870579&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&psts=AGkb-H99AGBL6lg8NHc_3eKxqknzgonFyhLpi0UJyWiHmPxewezUwxGzDUvWGL-jQQ1h4rmetwy8lVQjqHM%2CAGkb-H_ozZNlB-tjdlZ7Ii7VHqjkhLn7g74CR8qy5gO2tSxFtDGPOAVfaRzK07UdYxwNEVYEliO0MuR5YLpqDw&pvsid=3740065587506139&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=19
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/show_ads_impl_with_ama_fy2019.js?client=pub-6936905335566320&plah=zhitlo.net.ua&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6936905335566320&output=html&adk=1812271804&adf=3025194257&lmt=1627302998&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fzhitlo.net.ua%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627302998488&bpp=1&bdt=1279&idt=1&shv=r20210720&ptt=9&saldr=aa&abxe=1&cookie=ID%3De931c105117f625d-22707f878cc80044%3AT%3D1627302997%3ART%3D1627302997%3AS%3DALNI_MaaNv0jXfQjE1aI5dqrqrbzeMuFgQ&prev_slotnames=9647478286%2C8447111215&nras=1&correlator=254949114580&frm=20&pv=1&ga_vid=1970855916.1627302997&ga_sid=1627302997&ga_hid=516870579&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&psts=AGkb-H99AGBL6lg8NHc_3eKxqknzgonFyhLpi0UJyWiHmPxewezUwxGzDUvWGL-jQQ1h4rmetwy8lVQjqHM%2CAGkb-H_ozZNlB-tjdlZ7Ii7VHqjkhLn7g74CR8qy5gO2tSxFtDGPOAVfaRzK07UdYxwNEVYEliO0MuR5YLpqDw&pvsid=3740065587506139&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=19
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://zhitlo.net.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmcTQ987utrD3wUYRuZxN46PuVMg4YjyBgIzrvVb65cMWInk4hpPb-FuKIJqmQ; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://zhitlo.net.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 26 Jul 2021 12:36:38 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 26 Jul 2021 12:36:38 GMT
cache-control
private
adview
googleads.g.doubleclick.net/pagead/ Frame E499 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C9_IJVaz-YKaeHsaizAb_pYagCKzbtORjjIj6hYQN_viA2sMBEAEg6reaB2CVAqABzJmd-ALIAQmpAs4L2Yy_w7M-qAMByAMIqgSzAU_Q5j419n6WxbKjum3v2pfZIk54JWOddyhGpo8JvTFHom8YcqFWv0UnNjf0a5BkLk6q87XIFba2MCHrSucpJMW-n2uPi_RrXv7WqabYCO7M8TM3bt8vUpeZjZocPqX5lPRUR97brm_62dOL0q47ji0mS8TnI38UH-e-opeHwzi5pLM4ueTj92J-tLwnprqQiMxL6rI4t6qHagEQodPwFF4N0qob87jG71JdvPyD2BG_b2jFwAS_tL_bogOSBQQIBBgBkgUECAUYBKAGLoAHs8SamAGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ_K4D0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshcaChgIABIUcHViLTY5MzY5MDUzMzU1NjYzMjA&sigh=Rap9TpYj8ns&template_id=419&cbvp=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6936905335566320&output=html&h=280&slotname=9647478286&adk=3513610911&adf=3641337105&pi=t.ma~as.9647478286&w=336&lmt=1627302997&url=https%3A%2F%2Fzhitlo.net.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627302997275&bpp=20&bdt=66&idt=163&shv=r20210720&ptt=5&saldr=sa&abxe=1&correlator=254949114580&frm=20&pv=2&ga_vid=1970855916.1627302997&ga_sid=1627302997&ga_hid=516870579&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=371&ady=183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3740065587506139&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Lv65uWWhgz&p=https%3A//zhitlo.net.ua&dtd=181
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 26 Jul 2021 12:36:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame D26F 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://zhitlo.net.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://zhitlo.net.ua/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Mon, 26 Jul 2021 12:25:09 GMT
expires
Tue, 26 Jul 2022 12:25:09 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
689
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame D7C9 		783 B
530 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
28b6cf1026b8d89758e3a3fcf7c4a87db5e3f05861a9f365b1f2c24b0cf647fd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Tldi4tsNLld8nfX0lvUjMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://zhitlo.net.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://zhitlo.net.ua/

Response headers

expires
Mon, 26 Jul 2021 12:36:38 GMT
date
Mon, 26 Jul 2021 12:36:38 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-Tldi4tsNLld8nfX0lvUjMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js
pagead2.googlesyndication.com/bg/ Frame D26F 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
738ddea232874c82239c237498e051aeade604c081fcc45fe80776113f8c4a14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 12:35:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
54
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13164
x-xss-protection
0
last-modified
Wed, 14 Jul 2021 07:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 26 Jul 2022 12:35:44 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210720&jk=3740065587506139&bg=!4uGl4aXNAAbnC78O5ws7ACkAdvg8Wkp7K774ZMn2ZOFU2qoa5Pz_YxdNLBsrFpqSSHfmPiFFALPgAwIAAABbUgAAAAxoAQcKARcxHCkuKFm1FhbRndr08V4hLEARQpejhY3zI-YEYH5PRc2sNwAr-8vMJ8rsv0faMwsOoORt-55BHVdM-kqZYNtchee4lMlYi6kV07bIWb2S4LNAY0g07k-Lvyq1_VNeCNaDnJXb_rqSjyCUvgg8sBuCqfHH9f1BbUXVCSYmbv37U5QTwWxjdFRzSZlfkvEGcgb--SwL0VM08MaQR1F-wMZdC4cMQ4TVQ7PuF1bFl9CVeUigJGMusLMYv3pZ6EnoB8bYk_nGUF2RhpSgadJf-PEom2KPWFf4450eNm660G541ZQ_ZxYeGGldCUyhd1CMpfRw4ao4R3c2racnEOUQj4F3eCaoZe1wfz5OHBRxO06KrgisM6hYJsKZAmZzz9R2hpJYm62Tb8K34MAeeYg5pbfnfX9uldRmGTsEDvC8DWGtkRqyLCyVPD02qEUBJ0f9vE-JN60DEoh5CFznSAvVsx1dd-r2pcXZnKGh-1pUjsosA7eCJGP-v86jJsvuI02gjQKCPgxs5Vkrm8ilgzFEYyRKj1-yhP66ba-oNB2FBCJ0mPAjnhCVraFVZIaGj9_YFvxliXU8c3F11VjfkWWv7HBbIYCT30zbRESfwW0ggeO_oOE0_TfjcaCZ6EFK6Ps0AhV7ErFeccOuyo-gqjCRuUijExnqVnFgeeEtqTSi4Hs4f71mbn1xjoudze8ZlutZQ_jvrgcChD733Wu1r4a0QZpvXcsL6rWRCPQvu_kDqMVej6r-YI9zXYq3xS5-05rOd_3zb1KWp_bkl8NopT5LAtyP1S3koBtoJHqyHZ7YQB9nk1FVwzV78ozdSV_9uM31VyNtVuC4muZELUWAe4sZY9FejL3cgqXxmhaX4pdzxCYt-VPF-Qcn78fDDSPflUoDc3Q0o_q81G6Tr8Z0wXEUBjRSRVc-je-1JkAuC0wcXkHqk-xI5lYD63xH7V-P_ZpDjIdGDqhR6M0T0t8-TB4-xQ19RSNTm0XDmelCNV0Wr_B53V8PK5fPe5GccV7JV0UnTO0hANx3qe1DgScAiAjfIydgpf0khIxy22TUFBT4ka-m-YF4eKoF6DA9pdJVy_giza2VayYf5NPGELgd-GmLLvMSkK5GRf7cr2mpDqje5fV4yKbbZpZC0fF86tSmIFKgoQEQV-kUGg_cdFdGtfNGwbzh2FXKZh05moP6hZQlHmpl_w
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zhitlo.net.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Jul 2021 12:36:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E499 		42 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuJDCA-OUGDSxsT2TVdZsIwbTIqKEqDdEtI2UCV19fCBkE6XPT8bMhtIv1yWbIWjQ6qd5dspPC12_-wpj8-pbltm_HTxZ9D4KeE0gwSpbPn_mKuHBnieo7VLbVqWA&sai=AMfl-YR3crUp3DSfh5-BquRV6J2WUirr21zwl4qv8UvS04toZhqy1udtEeKAB7aeDXhBgnJdW9oDNnMo-OjQ&sig=Cg0ArKJSzPA8Bl-DgAKZEAE&id=ampim&o=371,183&d=336,280&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=281&tls=1282&g=100&h=100&tt=1282&r=v&avms=ampa&adk=3513610911
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Jul 2021 12:36:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

190 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| google_ad_client object| google_ad_slot object| google_ad_width object| google_ad_height object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| google_onload_fired object| google_sa_queue object| google_sl_win function| google_process_slots number| google_unique_id object| google_ad_block object| google_ad_channel object| google_ad_format object| google_ad_host object| google_ad_host_channel object| google_ad_host_tier_id object| google_ad_layout object| google_ad_layout_key object| google_ad_output object| google_ad_region object| google_ad_section object| google_ad_type object| google_ad_unit_key object| google_ad_dom_fingerprint object| google_ad_semantic_area object| google_placement_id object| google_adtest object| google_allow_expandable_ads object| google_alternate_ad_url object| google_alternate_color object| google_apsail object| google_captcha_token object| google_city object| google_color_bg object| google_color_border object| google_color_line object| google_color_link object| google_color_text object| google_color_url object| google_container_id object| google_content_recommendation_ad_positions object| google_content_recommendation_columns_num object| google_content_recommendation_rows_num object| google_content_recommendation_ui_type object| google_content_recommendation_use_square_imgs object| google_contents object| google_country object| google_cpm object| google_ctr_threshold object| google_cust_age object| google_cust_ch object| google_cust_criteria object| google_cust_gender object| google_cust_id object| google_cust_interests object| google_cust_job object| google_cust_l object| google_cust_lh object| google_cust_u_url object| google_disable_video_autoplay object| google_enable_content_recommendations object| google_enable_ose object| google_encoding object| google_font_face object| google_font_size object| google_frame_id object| google_full_width_responsive_allowed object| efwr object| google_full_width_responsive object| gfwroh object| gfwrow object| gfwroml object| gfwromr object| gfwroz object| gfwrnh object| gfwrnwer object| gfwrnher object| google_gl object| google_hints object| google_image_size object| google_kw object| google_kw_type object| google_language object| google_loeid object| google_max_num_ads object| google_max_radlink_len object| google_max_responsive_height object| google_ml_rank object| google_mtl object| google_native_ad_template object| google_native_settings_key object| google_num_radlinks object| google_num_radlinks_per_unit object| google_override_format object| google_page_url object| google_pgb_reactive object| google_pucrd object| google_referrer_url object| google_region object| google_resizing_allowed object| google_resizing_height object| google_resizing_width object| rpe object| google_responsive_formats object| google_responsive_auto_format object| armr object| google_rl_dest_url object| google_rl_filtering object| google_rl_mode object| google_rt object| google_safe object| google_safe_for_responsive_override object| google_video_play_muted object| google_source_type object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_tag_origin object| google_tag_partner object| google_targeting object| google_tfs object| google_video_doc_id object| google_video_product_type object| google_webgl_support object| google_package object| google_debug_params object| dash object| google_restrict_data_processing boolean| google_apltlad object| google_sv_map string| google_user_agent_client_hint string| gaJsHost function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ boolean| _gfp_a_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded object| _gat object| _gaq object| pageTracker function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| __AMP_LOG object| __AMP_ERRORS boolean| ampInaboxInitialized object| __AMP_MODE function| __AMP_REPORT_ERROR object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| AMP object| adsbygoogle object| GoogleGcLKhOms function| google_spfd object| google_image_requests

1 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUnFleK_YZXyjUkARPYRK8d9JOzI0pNg0iq_HfAlzeIqEZi81xbf9y_Z5aic

2 Console Messages

Source Level URL
Text
console-api info URL: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs(Line 6)
Message:
Powered by AMP ⚡ HTML – Version 2107130206000 https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6936905335566320&output=html&h=280&slotname=9647478286&adk=3513610911&adf=3641337105&pi=t.ma~as.9647478286&w=336&lmt=1627302997&url=https%3A%2F%2Fzhitlo.net.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627302997275&bpp=20&bdt=66&idt=163&shv=r20210720&ptt=5&saldr=sa&abxe=1&correlator=254949114580&frm=20&pv=2&ga_vid=1970855916.1627302997&ga_sid=1627302997&ga_hid=516870579&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=371&ady=183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=3740065587506139&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Lv65uWWhgz&p=https%3A//zhitlo.net.ua&dtd=181
console-api warning URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js(Line 12)
Message:
Deprecated property or method 'Ticker.setFPS'. See docs for info.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
cdn.ampproject.org
counter.yadro.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
s0.2mdn.net
ssl.google-analytics.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
zhitlo.net.ua
216.58.212.162
2a00:1450:4001:800::2002
2a00:1450:4001:800::2003
2a00:1450:4001:801::2002
2a00:1450:4001:809::2001
2a00:1450:4001:809::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:813::2004
2a00:1450:4001:813::2008
2a00:1450:4001:827::2002
2a00:1450:4001:82b::2006
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
46.4.39.158
88.212.201.210
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
092004abca0f821ea1762c4593938ba2c88f5b87ae0b9d18d01fe133997c169c
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
133e65735cf9995690e0cd85c3aa6eec376b92ab2c3bb42cf38a9a35e6a4550a
15d66e7593ebc901d4e19c4ab8207a85983b36db90c5097f43285028e3c50986
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b16e9c1da7045c9057350282766a114be2070b065e5e8a42ae635d0610ba6d0
1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99
1caacdebd86c67f86ab89cdbd30b056a8c1141638aafdd35ec453c4bae91692b
229bb3e7ee9167295a763bf0c8b01ef90d2ff869ff98feab63bb8e2e3e66f2a3
28b6cf1026b8d89758e3a3fcf7c4a87db5e3f05861a9f365b1f2c24b0cf647fd
2925f51c1a6124413697964829c638be9e72a032c89ab7b55095b0b779977b94
29d096500cc94cbe347c613cb34199c274da1fe8b5df04fdb49ee75ace5edbec
2f7e2ffdbb0f1e67605c583adddf8aadac1e57b95a60f04f0bb60f654438e450
344e4913e0cbeeec693a81e84e80436df593eba6bf119f6b094005f97fdb8a5b
34872c9fa0f562ae0034656e7142c497d388d2c754fabcf781188086b2642de2
38446768ec14ee48d2be5eb1f9183c83d84ec33215efeefbed0220179ae47115
40660510eb1dbfc9599a6a8d6147c0a3f92e4ff99b243973d73a1687ca0e9184
416eb9c53d2602869a54a0450aaaa1d27e0e5e42ffec1703b711b005dcba6560
434866667775c8138a586186b8fc7cd1dc827e25575c568b98201ef588e37ecf
43519ff493e619cd6e6048f06e60e055f1c1d8a386b2070def6b0034083c0d12
43903a02f7112b62740f4d7d3dfa32a806f1d2fa744ad3f6b16798a501bf73eb
4409f886851d18b5071cc08d25845e0d959d51fd1e9eec92118d0f12a44e5eeb
4716a84aaf1f09ce271e52c641f1c58414a6faf06748ca4215040ef7c9dd7656
4ba4bfd17d3ff5320a00bebe68ee2ff3e7b4bf8637922acf16d497e5c2db3b0d
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5073fab4fddb9f037315ac9c663dce6681b03976250cab681638dfe17475466f
5316298539fa51dc1679d662d6d76c6aed34b778ee11272b7ebd01a3965ffea9
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
586a6266b7730a92609788d121071fefd1c6a55a23e4751211f641d6b32f961b
5d1310353e02e0a006b79b7d607131cb6d9411543a8957b772f565816fdf3ce4
5f2778667ce7da721e201618eac589ac1a32af6b43c246675826a8d728eb902b
66cdff38cb08f85a490fd345492e61d87b68d490d2dbf6f512e527effbb59d49
6fef75316c9aefbdae1ff0c306c82280311dff892e00aa3a326bc8614bbc81ae
738ddea232874c82239c237498e051aeade604c081fcc45fe80776113f8c4a14
73ad452d82c77d4caa2842e8be86f5535a0c577dd7b71003ff67d6ad2a831d92
7438cd6d98fc8e372c9a87e319ab965229ce2ba37798db808c8408f791db86ca
75d0a91d3f804fdc0aba52e84bc28e97f86b35635e58b9a3455d4588e05783b5
7e90d9957bcd67f5372cef43c15f96d0cca168f6709ecfc9ae58fd813528c68a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
855b5f654f3db428f36c685e4b3451f671f5f3702e4b9094e08657fd66cf90a2
859e64efd07b028334a09dd8f08ea2d118d63581ff14d09bddfeb2e2881ad8a6
89e880fd66f858a5ae4808a9173bfea3a0846a187723d7ce8567af8a673cb83a
90de19ec920fb510d111757bc7b3195aa4993ce277c81a425bfcb8cf2db61cef
937d880295b795c6bc6a8ed55863371efbcc890ef17fb9c0604116f6f393bcec
95035d7d4c1e5eb06a2164b48f3be3f938831a053a6d813704f27e4da592ce7b
9681761d8a3dab8f3c73799b4109a7c13523e6b647987e0df0bde57edc35ba04
991c159bbd03f284238b505949bb0c5861f653ebd78f48c68a0db8a02097a2df
9dd76841628302efb8818f0242e3b37f4a6d58bc3e03330bc8c01976021cdf55
a006f761f2e0c4fba274fc59af60f790a4050525cd5c2d021112605ca5e8fb87
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a522f30f253b9fc597247b129288b77d9a01cb9c7d9553be65e1cbb9eef87ad1
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6f59ec271c5db409f53a0797b95ff950f879a6c86c43b18541199417b603626
abdf713c9787c5644f0ae34388bb6bd25ef3c28f6cd4611b7a4d42c781615981
aca65e30678d3e91810174fa85f967dfa1e7d21eb5e066c77d8a651e3d24ee0b
ae7a62619bc3b4cddc43c7ca236da4d4c96d37f9c6ebb6c572db6b58b35e055b
b602b9e93173b8d38027de0b9b34ab8b4d968215efdb551dc30cc3ad78889d8f
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
bb115c867c5b1defa54313b5c072938c6531499090923f047f489cb993ca85a6
bb474c32fc4bfb1f681748b8720ed685d0365a4358b04950f874a8cbe8100fa3
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bcc598627984c92ff93d3e644afb0290d4eafc786657a35fecc2d1f3351f6ea0
bffdb7440c7cfdd4141accaffa71698dfd5aa703f59ced5f5df3e13d26cce422
c4b0b223a205c0a3fe537e1337e44da34aa24b82d17f91d64083b50087c7afcd
c83eae7a38656b387443bacfd93af203e31b66bf687c21af1ef00fab98507aef
ccc6054bb53c9e31e280d47e79bd836b7f296595cfa6db2a5e32da4e15bd532b
d139caf69121e1d3f20e11f633fb069d4fd932df80c70aee70b7b60346c9fabf
d398520ac47945ab429cf02b444202f4db1cf7fee5b5335cf98fb009ce56ab8e
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d8497763a81d61709198077984c2b231620ff4f601398349e08f554e6e5b5332
db0035178ba7b14c026b526a6c8f0802cd94f749ead9c3c52959b074949d6775
dd6ee6fafde36a995d7e4c8dd14c46be50b5963209149f08441d62be7eda966c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b21bf8d99ad90791133bff8bc9a86ef4b721266721195847a7b7847d3362c0
ea82ea89c721163bceb53ad360a01df3453c9fdb7814ca3de4fe59aab9481eab
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3039e343bc61cc16fc587e063d92cf190c34823df58e3fe5caf5717198a49fc
faf5e994ddbada86a873b5d14c1bc0f449a097e61e6fbe0c04e0691b70ec5644
fb5d0db4a0e486d673deb8cdb8db8f27e3060f969f7cdd204e0923b0a71c5705
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
fefd0ae40d84c12c4525a335385222ecd20a40f34d806e254834d7a53d1857cd