urlscan.io logo urlscan.io
SecurityTrails logo

one.org.ua Open in urlscan Pro
116.202.39.219  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://one.org.ua/
Effective URL: https://one.org.ua/
Submission Tags: @phish_report
Submission: On February 18 via api from FI — Scanned from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 4 countries across 13 domains to perform 92 HTTP transactions. The main IP is 116.202.39.219, located in Krefeld, Germany and belongs to HETZNER-AS, DE. The main domain is one.org.ua.
TLS certificate: Issued by R3 on February 7th 2024. Valid for: 3 months.
This is the only time one.org.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

32    116.202.39.219 (Krefeld, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: plesk2.netexpert.net.ua
one.org.ua
13    2404:6800:4006:811::2002 (Sydney, Australia)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2404:6800:4006:814::2008 (Sydney, Australia)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    2404:6800:4006:812::2002 (Sydney, Australia)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a03:2880:f019:116:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2404:6800:4006:804::200e (Sydney, Australia)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2404:6800:4003:c1c::9d (Singapore, Singapore)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    34.117.186.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.186.117.34.bc.googleusercontent.com
ipinfo.io
17    2404:6800:4006:804::2001 (Sydney, Australia)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2404:6800:4006:814::2004 (Sydney, Australia)

ASN15169 (GOOGLE, US)
www.google.com
1    2404:6800:4006:804::2003 (Sydney, Australia)

ASN15169 (GOOGLE, US)
www.google.co.nz
2    2404:6800:4006:804::200a (Sydney, Australia)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    2404:6800:4006:80f::2003 (Sydney, Australia)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a03:2880:f119:8083:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    142.251.221.66 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f2.1e100.net
www.googleadservices.com
Apex Domain
Subdomains		 Transfer
32 one.org.ua
one.org.ua
1 MB
30 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 120
tpc.googlesyndication.com — Cisco Umbrella Rank: 158
570 KB
8 gstatic.com
www.gstatic.com
61 KB
8 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
stats.g.doubleclick.net — Cisco Umbrella Rank: 113
95 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 45
21 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 141
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 48
2 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 191
69 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 52
139 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
185 B
1 google.co.nz
www.google.co.nz — Cisco Umbrella Rank: 32448
408 B
1 ipinfo.io
ipinfo.io — Cisco Umbrella Rank: 7694
568 B
92 13
Domain Requested by
32 one.org.ua 1 redirects one.org.ua
17 tpc.googlesyndication.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.gstatic.com
13 pagead2.googlesyndication.com one.org.ua
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
8 www.gstatic.com googleads.g.doubleclick.net
7 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googleadservices.com googleads.g.doubleclick.net
2 fonts.googleapis.com googleads.g.doubleclick.net
2 www.google.com tpc.googlesyndication.com
2 connect.facebook.net one.org.ua
connect.facebook.net
2 www.googletagmanager.com one.org.ua
www.googletagmanager.com
1 www.facebook.com
1 www.google.co.nz
1 ipinfo.io one.org.ua
1 stats.g.doubleclick.net www.google-analytics.com
92 15

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
Subject Issuer Validity Valid
one.org.ua
R3		 2024-02-07 -
2024-05-07		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-11-28 -
2024-02-26		 3 months crt.sh
ipinfo.io
R3		 2024-01-20 -
2024-04-19		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.google.co.nz
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh

This page contains 13 frames:

Primary Page: https://one.org.ua/
Frame ID: B96493F5227E6BF98E6A6CC844DF4AAA
Requests: 49 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/zrt_lookup_fy2021.html
Frame ID: 7C8A099D02C3318C5CD8EE82A6855652
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9150032468278725&output=html&adk=1812271804&adf=3025194257&lmt=1708284659&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fone.org.ua%2F&pra=5&wgl=1&easpi=1&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708284658193&bpp=223&bdt=900&idt=1152&shv=r20240215&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=419734783316&frm=20&pv=2&ga_vid=1003531430.1708284659&ga_sid=1708284659&ga_hid=1794704299&ga_fc=0&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C44785292%2C95324580%2C95325067%2C31081220%2C95322329%2C95320870%2C95324155%2C95324161%2C95324431&oid=2&pvsid=4488315477823659&tmod=443366119&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=1175
Frame ID: 02F03A3E57DBC64E736BC86463928DBD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9150032468278725&output=html&h=280&adk=3088186576&adf=1706824535&pi=t.aa~a.3029822808~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1708284660&rafmt=1&to=qs&pwprc=5057293699&format=1200x280&url=https%3A%2F%2Fone.org.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708284660319&bpp=2&bdt=3026&idt=-M&shv=r20240215&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=419734783316&frm=20&pv=1&ga_vid=1003531430.1708284659&ga_sid=1708284659&ga_hid=1794704299&ga_fc=1&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1968&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C44785292%2C95324580%2C95325067%2C31081220%2C95322329%2C95320870%2C95324155%2C95324161%2C95324431&oid=2&pvsid=4488315477823659&tmod=443366119&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=7
Frame ID: DA0A4992DEB6BD332FEC09C70C685228
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9150032468278725&output=html&h=280&adk=2217155248&adf=4008695528&pi=t.aa~a.2367377361~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1708284660&rafmt=1&to=qs&pwprc=5057293699&format=1200x280&url=https%3A%2F%2Fone.org.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708284660319&bpp=1&bdt=3026&idt=1&shv=r20240215&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=419734783316&frm=20&pv=1&ga_vid=1003531430.1708284659&ga_sid=1708284659&ga_hid=1794704299&ga_fc=1&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1618&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C44785292%2C95324580%2C95325067%2C31081220%2C95322329%2C95320870%2C95324155%2C95324161%2C95324431&oid=2&pvsid=4488315477823659&tmod=443366119&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=13
Frame ID: 763FB1D562FBF9587FBA3C0E3C9EE285
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: E72F389EAD901D4F3F6074BFA2EC68ED
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 8328C30EC3FF7AAE528288B0FE156A1B
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EC0A602E51F2336FEEBD7B3001686551
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B2EAABC84158F91AE89D178F8B0ED251
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: 04F7250F235C4EFA4451903D11889980
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17619650906921427031/index.html
Frame ID: CE4C701BCE4B5A7135D73D843653B144
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/O0fxLlxGdVrwDA1P0v8IbiijzEhqz-qxiFTNg42x2Ow.js
Frame ID: E7A1DA41F2FB152EB16518467967EC79
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/O0fxLlxGdVrwDA1P0v8IbiijzEhqz-qxiFTNg42x2Ow.js
Frame ID: B5FB86EBBE9247C8823707E4A045E2A6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Плитка та Сантехніка

Page URL History Show full URLs

  1. http://one.org.ua/ HTTP 301
    https://one.org.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cookieconsent\.min\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

92
Requests

99 %
HTTPS

80 %
IPv6

13
Domains

15
Subdomains

16
IPs

4
Countries

2340 kB
Transfer

4767 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://one.org.ua/ HTTP 301
    https://one.org.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 80
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CEJZb81rSZd2kHPXP9fwP86ag4Aukk8z1deTP8tX_EWQQASD85PCVAWCr7LGF4BigAYOjps0DyAEJqQKsrKWI3IykPqgDAcgDSKoE6QFP0PoA3GZy6hwk3xCz2VC6tWVPk--uGvZBk8yT3rL-xi4I5tSB_0J67-nGMb482QuwgE05G5aeeoUwwfjye1EouBjYV9DduFuya0sUTp_bTxKiS_sYrAV7yOSMpdFRJ-EHCyv1t-DowxSvhH4JTM4EUm39xmRKQH1GyOeBGqiQkmEgYc0uhTeCLTkho5bJkcu4h8KO9HnaWHIZOKYEv8kwoB_3NGK3jLIWnUbHF6TajAKLVv5KtOM3FG-bekRIBGoYh8VoyJhql4c7EhiVklQS1l6TzjEQlnKzzXAcAEvKgxWfv84CSCkz0cAEi9q2hNMEiAWA16-qTpIFBAgEGAGSBQQIBRgEoAYu2AYCgAfl3NkyqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhvYBwDyBwQQjfkZoAjc2j2wCALSCCQIgGEQARgfMgKKAjoJgECAwICAgKAISL39wTpYpMq1otC1hAOaCT9odHRwczovL3d3dy5jb250aW5lbnRhbGNhcnMuY28ubnovY29udGluZW50YWwtY2Fycy10eXJlLWNlbnRyZS-ACgHICwHaDBEKCxCwtbz1n-uy0LYBEgIBA9gTCoIUDBoKb25lLm9yZy51YdAVAYAXAbIXHAoaCAASFHB1Yi05MTUwMDMyNDY4Mjc4NzI1GAA&sigh=bu4nR3m1AYs&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgAvHhf_ShFKpYbWLCLhsOgGyYVCTQMVIxYNzn4N47MWIZO3jwYOHfrmQFmamcF_FxN8FY-bzpy4SzG6wyCmTr9Got03nZ01RYmVHLdBuhgB&template_id=419&cbvp=2&vis=1&nis=5 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xfb9d4b4f0a2a8cb90000000000000000%22,%222%22:%220x3e9b940d03d8271c0000000000000000%22,%223%22:%220x511aa679ca45b8d00000000000000000%22,%224%22:%220x6352147fe66b145f0000000000000000%22,%225%22:%220x59d479da31a3e8ca0000000000000000%22},%22debug_key%22:%2217457283614874478117%22,%22debug_reporting%22:true,%22destination%22:%22https://continentalcars.co.nz%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22967414147%22],%2222%22:[%22true%22],%224%22:[%2202-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217422041541528886881%22}&andc=true

92 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
one.org.ua/
Redirect Chain
  • http://one.org.ua/
  • https://one.org.ua/
102 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://one.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.39.219 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
plesk2.netexpert.net.ua
Software
nginx / PHP/7.4.33 PleskLin
Resource Hash
8b77fa885830bdff9dc85317d246b9294830b5760fb461a7842222c0496cde3b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language
en-NZ,en;q=0.9

Response headers

content-encoding
gzip
content-length
16159
content-type
text/html; charset=utf-8
date
Sun, 18 Feb 2024 19:30:57 GMT
server
nginx
vary
Accept-Encoding,User-Agent
x-powered-by
PHP/7.4.33 PleskLin

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Sun, 18 Feb 2024 19:30:55 GMT
Location
https://one.org.ua/
Server
nginx
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		150 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9150032468278725
Requested by
Host: one.org.ua
URL: https://one.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:811::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
288ae0b3ed809ca2bd87afddaed4a6979c187c9754720209c368816bf177c29f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://one.org.ua/
Origin
https://one.org.ua
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 19:30:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51519
x-xss-protection
0
server
cafe
etag
10236944405488387721
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 18 Feb 2024 19:30:57 GMT
stylesheet_min.css
one.org.ua/catalog/view/theme/revolution/stylesheet/ 		330 KB
56 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://one.org.ua/catalog/view/theme/revolution/stylesheet/stylesheet_min.css
Requested by
Host: one.org.ua
URL: https://one.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.39.219 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
plesk2.netexpert.net.ua
Software
nginx / PleskLin
Resource Hash
47ec03309bc3ac5a016afd1066a62d246d067033841dc90dd3629b998515ddce

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.org.ua/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 19:30:57 GMT
content-encoding
gzip
last-modified
Wed, 24 Aug 2022 16:27:13 GMT
server
nginx
etag
"52728-5e6ff274306bb-gzip"
x-powered-by
PleskLin
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
57091
jquery-2.1.1.min.js
one.org.ua/catalog/view/javascript/jquery/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://one.org.ua/catalog/view/javascript/jquery/jquery-2.1.1.min.js
Requested by
Host: one.org.ua
URL: https://one.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.39.219 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
plesk2.netexpert.net.ua
Software
nginx / PleskLin
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.org.ua/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 19:30:57 GMT
content-encoding
gzip
last-modified
Wed, 24 Aug 2022 16:27:13 GMT
server
nginx
etag
"14915-5e6ff27426a7b-gzip"
x-powered-by
PleskLin
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
29497
owl.carousel.min.js
one.org.ua/catalog/view/javascript/jquery/owl-carousel/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://one.org.ua/catalog/view/javascript/jquery/owl-carousel/owl.carousel.min.js
Requested by
Host: one.org.ua
URL: https://one.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.39.219 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
plesk2.netexpert.net.ua
Software
nginx / PleskLin
Resource Hash
bdfe1b9bed7fd0fe71122ff6ed06c74184342c50ce96e494bf3403ee609ab486

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.org.ua/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 19:30:57 GMT
content-encoding
gzip
last-modified
Wed, 24 Aug 2022 16:27:13 GMT
server
nginx
etag
"59f9-5e6ff27426e63-gzip"
x-powered-by
PleskLin
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
6452
js
www.googletagmanager.com/gtag/ 		137 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-164791728-1
Requested by
Host: one.org.ua
URL: https://one.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:814::2008 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0e8f9af2767d64eb278a50de5eccb08e58f334d514fc06a0b6b6ddbefa131aaa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.org.ua/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 19:30:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
53564
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 18 Feb 2024 19:30:58 GMT
200.png
one.org.ua/image/catalog/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://one.org.ua/image/catalog/200.png
Requested by
Host: one.org.ua
URL: https://one.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.39.219 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
plesk2.netexpert.net.ua
Software
nginx / PleskLin
Resource Hash
4aacdc4f5d7f4fc5c4dcc5d0e373ee932168d1b84095e705f716e7857fa9e3bf

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.org.ua/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 19:30:57 GMT
content-encoding
br
last-modified
Wed, 24 Aug 2022 16:29:13 GMT
server
nginx
etag
W/"177b-5e6ff2e7013f2"
x-powered-by
PleskLin
vary
Accept-Encoding, User-Agent
content-type
image/png
telefon_header-32x32.png
one.org.ua/image/cache/catalog/revolution/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://one.org.ua/image/cache/catalog/revolution/telefon_header-32x32.png
Requested by
Host: one.org.ua
URL: https://one.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.39.219 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
plesk2.netexpert.net.ua
Software
nginx / PleskLin
Resource Hash
9b9f0b1c6257c531b8e5050bddf217a4fed579d15cb8620891a860e68bfd9d0f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.org.ua/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 19:30:57 GMT
content-encoding
br
last-modified
Wed, 24 Aug 2022 16:45:19 GMT
server
nginx
etag
W/"4cd-5e6ff67ff89c0"
x-powered-by
PleskLin
vary
Accept-Encoding, User-Agent
content-type
image/png
no_image-21x21.png
one.org.ua/image/cache/ 		848 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://one.org.ua/image/cache/no_image-21x21.png
Requested by
Host: one.org.ua
URL: https://one.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.39.219 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
plesk2.netexpert.net.ua
Software
nginx / PleskLin
Resource Hash
9f061684333e5e30950452180b629c3ac018acf73ff34ebdf6afec73399c1224

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.org.ua/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 19:30:57 GMT
content-encoding
br
last-modified
Wed, 24 Aug 2022 17:03:38 GMT
server
nginx
etag
W/"350-5e6ffa983ecbe"
x-powered-by
PleskLin
vary
Accept-Encoding, User-Agent
content-type
image/png
1-1140x380.png
one.org.ua/image/cache/catalog/ 		178 KB
179 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://one.org.ua/image/cache/catalog/1-1140x380.png
Requested by
Host: one.org.ua
URL: https://one.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.39.219 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
plesk2.netexpert.net.ua
Software
nginx / PleskLin
Resource Hash
80df099b0f32a3b3b9f4938718bc45d9dfcdb3b9ba64fa63cdf87359f325fd14

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.org.ua/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 19:30:58 GMT
content-encoding
br
last-modified
Wed, 24 Aug 2022 17:24:43 GMT
server
nginx
etag
W/"2c8be-5e6fff4e88290"
x-powered-by
PleskLin
vary
Accept-Encoding, User-Agent
content-type
image/png
3-1140x380.png
one.org.ua/image/cache/catalog/ 		125 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://one.org.ua/image/cache/catalog/3-1140x380.png
Requested by
Host: one.org.ua
URL: https://one.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.39.219 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
plesk2.netexpert.net.ua
Software
nginx / PleskLin
Resource Hash
e77a22081053ccc02fb75ec209f6b8b6d3fe4a326470a49c0f980fcf8d7d5972

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.org.ua/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 19:30:58 GMT
content-encoding
br
last-modified
Wed, 24 Aug 2022 17:24:43 GMT
server
nginx
etag
W/"1f2fd-5e6fff4e99400"
x-powered-by
PleskLin
vary
Accept-Encoding, User-Agent
content-type
image/png
2-1140x380.png
one.org.ua/image/cache/catalog/ 		141 KB
141 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://one.org.ua/image/cache/catalog/2-1140x380.png
Requested by
Host: one.org.ua
URL: https://one.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.39.219 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
plesk2.netexpert.net.ua
Software
nginx / PleskLin
Resource Hash
8ce31ae4258be24b3650160a4a92f164946db56ae44391fef139b9bf970d716f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.org.ua/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 19:30:58 GMT
content-encoding
br
last-modified
Wed, 24 Aug 2022 17:24:43 GMT
server
nginx
etag
W/"232da-5e6fff4ea95d0"
x-powered-by
PleskLin
vary
Accept-Encoding, User-Agent
content-type
image/png
%D0%BE%D1%82%D1%80%D0%B8%D0%BC%D0%B0%D0%B9%20%D0%B7%D0%BD%D0%B8%D0%B6%D0%BA%D1%83-1140x380.png
one.org.ua/image/cache/catalog/ 		310 KB
310 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://one.org.ua/image/cache/catalog/%D0%BE%D1%82%D1%80%D0%B8%D0%BC%D0%B0%D0%B9%20%D0%B7%D0%BD%D0%B8%D0%B6%D0%BA%D1%83-1140x380.png
Requested by
Host: one.org.ua
URL: https://one.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.39.219 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
plesk2.netexpert.net.ua
Software
nginx / PleskLin
Resource Hash
f986677a0a669f5623835758585c87696378251756521cdfa4182b746a2c68ea

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.org.ua/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 19:30:58 GMT
content-encoding
br
last-modified
Wed, 24 Aug 2022 17:24:43 GMT
server
nginx
etag
W/"4d7bf-5e6fff4e6d8c8"
x-powered-by
PleskLin
vary
Accept-Encoding, User-Agent
content-type
image/png
113500-0-228x228.jpg
one.org.ua/image/cache/products/0/0/5/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://one.org.ua/image/cache/products/0/0/5/113500-0-228x228.jpg
Requested by
Host: one.org.ua
URL: https://one.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.39.219 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
plesk2.netexpert.net.ua
Software
nginx / PleskLin
Resource Hash
72936e20c1f1ca49f0b35b4acab593fe62f5acfb46220f03c2441e2ac17b1033

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.org.ua/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 19:30:58 GMT
content-encoding
br
last-modified
Thu, 25 Jan 2024 07:26:59 GMT
server
nginx
etag
W/"1457-60fc01adf5cc5"
x-powered-by
PleskLin
vary
Accept-Encoding, User-Agent
content-type
image/jpeg
113499-0-228x228.jpg
one.org.ua/image/cache/products/9/9/4/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://one.org.ua/image/cache/products/9/9/4/113499-0-228x228.jpg
Requested by
Host: one.org.ua
URL: https://one.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.39.219 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
plesk2.netexpert.net.ua
Software
nginx / PleskLin
Resource Hash
0381c326f81462b9054be596871e6c87336aeb3968aa862a8534b7308869f6f8

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.org.ua/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 19:30:58 GMT
content-encoding
br
last-modified
Thu, 25 Jan 2024 07:26:59 GMT
server
nginx
etag
W/"1429-60fc01adfa314"
x-powered-by
PleskLin
vary
Accept-Encoding, User-Agent
content-type
image/jpeg
113484-0-228x228.jpg
one.org.ua/image/cache/products/4/8/4/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://one.org.ua/image/cache/products/4/8/4/113484-0-228x228.jpg
Requested by
Host: one.org.ua
URL: https://one.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.39.219 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
plesk2.netexpert.net.ua
Software
nginx / PleskLin
Resource Hash
215195e524b9d98aec49a3604a13e2cb921e5d175fc6ae2ebedb91d499276d29

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.org.ua/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 19:30:58 GMT
content-encoding
br
last-modified
Thu, 25 Jan 2024 07:26:59 GMT
server
nginx
etag
W/"1a36-60fc01adfe57c"
x-powered-by
PleskLin
vary
Accept-Encoding, User-Agent
content-type
image/jpeg
113504-0-228x228.jpg
one.org.ua/image/cache/products/4/0/5/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://one.org.ua/image/cache/products/4/0/5/113504-0-228x228.jpg
Requested by
Host: one.org.ua
URL: https://one.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.39.219 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
plesk2.netexpert.net.ua
Software
nginx / PleskLin
Resource Hash
243e59bda40b81e92ec211082ba272d30b09b0d115c0e3f150c3f2f2e5d83961

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.org.ua/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 19:30:58 GMT
content-encoding
br
last-modified
Thu, 25 Jan 2024 07:26:59 GMT
server
nginx
etag
W/"20bd-60fc01ae02fb4"
x-powered-by
PleskLin
vary
Accept-Encoding, User-Agent
content-type
image/jpeg
113482-0-228x228.jpg
one.org.ua/image/cache/products/2/8/4/ 		9 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://one.org.ua/image/cache/products/2/8/4/113482-0-228x228.jpg
Requested by
Host: one.org.ua
URL: https://one.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.39.219 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
plesk2.netexpert.net.ua
Software
nginx / PleskLin
Resource Hash
5ffea64105b36ba687f8930535939aec8e5bc34c3c30521d4dc04089bf3a826c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.org.ua/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 19:30:58 GMT
content-encoding
br
last-modified
Thu, 25 Jan 2024 07:26:59 GMT
server
nginx
etag
W/"2260-60fc01ae079ec"
x-powered-by
PleskLin
vary
Accept-Encoding, User-Agent
content-type
image/jpeg
113505-0-228x228.jpg
one.org.ua/image/cache/products/5/0/5/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://one.org.ua/image/cache/products/5/0/5/113505-0-228x228.jpg
Requested by
Host: one.org.ua
URL: https://one.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.39.219 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
plesk2.netexpert.net.ua
Software
nginx / PleskLin
Resource Hash
8153a89b1c14f5f0a593198a38d3666d82fcb2b3b2ee7758d711ce28ea84ae1b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.org.ua/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 19:30:58 GMT
content-encoding
br
last-modified
Thu, 25 Jan 2024 07:26:59 GMT
server
nginx
etag
W/"22c3-60fc01ae0c03b"
x-powered-by
PleskLin
vary
Accept-Encoding, User-Agent
content-type
image/jpeg
113498-0-228x228.jpg
one.org.ua/image/cache/products/8/9/4/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://one.org.ua/image/cache/products/8/9/4/113498-0-228x228.jpg
Requested by
Host: one.org.ua
URL: https://one.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.39.219 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
plesk2.netexpert.net.ua
Software
nginx / PleskLin
Resource Hash
9c2d49cd7f94976b091a9b20f1058aa2e4eb3901d11b2199fe3cff61bb6c823f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.org.ua/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 19:30:58 GMT
content-encoding
br
last-modified
Thu, 25 Jan 2024 07:26:59 GMT
server
nginx
etag
W/"33a8-60fc01ae1068b"
x-powered-by
PleskLin
vary
Accept-Encoding, User-Agent
content-type
image/jpeg
113497-0-228x228.jpg
one.org.ua/image/cache/products/7/9/4/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://one.org.ua/image/cache/products/7/9/4/113497-0-228x228.jpg
Requested by
Host: one.org.ua
URL: https://one.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.39.219 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
plesk2.netexpert.net.ua
Software
nginx / PleskLin
Resource Hash
660b2ff5d9389f53d908743dcb3645aaae734b006459f69d6c1f17adf7960f23

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.org.ua/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 19:30:58 GMT
content-encoding
br
last-modified
Thu, 25 Jan 2024 07:26:59 GMT
server
nginx
etag
W/"3163-60fc01ae14cdb"
x-powered-by
PleskLin
vary
Accept-Encoding, User-Agent
content-type
image/jpeg
113496-0-228x228.jpg
one.org.ua/image/cache/products/6/9/4/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://one.org.ua/image/cache/products/6/9/4/113496-0-228x228.jpg
Requested by
Host: one.org.ua
URL: https://one.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.39.219 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
plesk2.netexpert.net.ua
Software
nginx / PleskLin
Resource Hash
741d3c6c9f34e9af2a9d533bf0fe847365cb12d448d5925570fe3bdc99240932

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.org.ua/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 19:30:58 GMT
content-encoding
br
last-modified
Thu, 25 Jan 2024 07:26:59 GMT
server
nginx
etag
W/"45b1-60fc01ae19713"
x-powered-by
PleskLin
vary
Accept-Encoding, User-Agent
content-type
image/jpeg
113495-0-228x228.jpg
one.org.ua/image/cache/products/5/9/4/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://one.org.ua/image/cache/products/5/9/4/113495-0-228x228.jpg
Requested by
Host: one.org.ua
URL: https://one.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.39.219 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
plesk2.netexpert.net.ua
Software
nginx / PleskLin
Resource Hash
41fd13404732a840faa0cd8ec1844eb8201917032db2759629b2f1ec114b7a88

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.org.ua/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 19:30:58 GMT
content-encoding
br
last-modified
Thu, 25 Jan 2024 07:26:59 GMT
server
nginx
etag
W/"63c3-60fc01ae1e14a"
x-powered-by
PleskLin
vary
Accept-Encoding, User-Agent
content-type
image/jpeg
113494-0-228x228.jpg
one.org.ua/image/cache/products/4/9/4/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://one.org.ua/image/cache/products/4/9/4/113494-0-228x228.jpg
Requested by
Host: one.org.ua
URL: https://one.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.39.219 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
plesk2.netexpert.net.ua
Software
nginx / PleskLin
Resource Hash
5a19e41b7671bc58bb2d67c85d7f9947b0ffa954e82fb38adfecc987ec11f2fc

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.org.ua/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 19:30:58 GMT
content-encoding
br
last-modified
Thu, 25 Jan 2024 07:26:59 GMT
server
nginx
etag
W/"5f62-60fc01ae22b82"
x-powered-by
PleskLin
vary
Accept-Encoding, User-Agent
content-type
image/jpeg
113493-0-228x228.jpg
one.org.ua/image/cache/products/3/9/4/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://one.org.ua/image/cache/products/3/9/4/113493-0-228x228.jpg
Requested by
Host: one.org.ua
URL: https://one.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.39.219 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
plesk2.netexpert.net.ua
Software
nginx / PleskLin
Resource Hash
ef786e44161beaa956b86a34a98e75443097cf34c504b68410b78ec8f1c7ce63

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.org.ua/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 19:30:58 GMT
content-encoding
br
last-modified
Thu, 25 Jan 2024 07:26:59 GMT
server
nginx
etag
W/"65db-60fc01ae275ba"
x-powered-by
PleskLin
vary
Accept-Encoding, User-Agent
content-type
image/jpeg
javascript_min.js
one.org.ua/catalog/view/javascript/revolution/ 		125 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://one.org.ua/catalog/view/javascript/revolution/javascript_min.js
Requested by
Host: one.org.ua
URL: https://one.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.39.219 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
plesk2.netexpert.net.ua
Software
nginx / PleskLin
Resource Hash
bcfae6d71bfbbf638899b4a680e9c0e1aa0111d4877cd7b67d03196e8fa16587

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.org.ua/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 19:30:57 GMT
content-encoding
gzip
last-modified
Wed, 24 Aug 2022 16:27:13 GMT
server
nginx
etag
"1f3f1-5e6ff274289bb-gzip"
x-powered-by
PleskLin
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
31303
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/ 		407 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js?bust=31081220
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9150032468278725
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:811::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47aff2dd89a5887f7b6a0fe9a47821a36faa35c94699233c74677164908a90e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.org.ua/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 19:30:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141232
x-xss-protection
0
server
cafe
etag
16275665619822973721
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Feb 2024 19:30:58 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/ Frame 7C8A 		9 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9150032468278725
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:812::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://one.org.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language
en-NZ,en;q=0.9

Response headers

age
41904
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 18 Feb 2024 07:52:34 GMT
etag
3890843268177463596
expires
Sun, 03 Mar 2024 07:52:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookieconsent.min.js
one.org.ua/catalog/view/javascript/facebook/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://one.org.ua/catalog/view/javascript/facebook/cookieconsent.min.js
Requested by
Host: one.org.ua
URL: https://one.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.39.219 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
plesk2.netexpert.net.ua
Software
nginx / PleskLin
Resource Hash
cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.org.ua/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 19:30:58 GMT
content-encoding
gzip
last-modified
Wed, 24 Aug 2022 16:27:13 GMT
server
nginx
etag
"5148-5e6ff27423f83-gzip"
x-powered-by
PleskLin
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
6849
cookieconsent.min.css
one.org.ua/catalog/view/theme/css/facebook/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://one.org.ua/catalog/view/theme/css/facebook/cookieconsent.min.css
Requested by
Host: one.org.ua
URL: https://one.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.39.219 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
plesk2.netexpert.net.ua
Software
nginx / PleskLin
Resource Hash
79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.org.ua/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 19:30:58 GMT
content-encoding
gzip
last-modified
Wed, 24 Aug 2022 16:27:13 GMT
server
nginx
etag
"fe0-5e6ff27428da3-gzip"
x-powered-by
PleskLin
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
1209
fbevents.js
connect.facebook.net/en_US/ 		214 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: one.org.ua
URL: https://one.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f019:116:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.org.ua/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 18 Feb 2024 19:30:59 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57257
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
0PQEJqgLZKSkyFQrBvh7YSmSrgIzU/hijwvGotLNsjPmq83//RUDNiww5iJf+x5c29Mg2lvtr7eawo2gdfXI1w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook_pixel_3_1_0.js
one.org.ua/catalog/view/javascript/facebook/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://one.org.ua/catalog/view/javascript/facebook/facebook_pixel_3_1_0.js
Requested by
Host: one.org.ua
URL: https://one.org.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.39.219 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
plesk2.netexpert.net.ua
Software
nginx / PleskLin
Resource Hash
2764eb52b06165789e33a2815fb72833341183ff0e611d0a9a8201e15cd83f30

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.org.ua/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 19:30:58 GMT
content-encoding
gzip
last-modified
Wed, 24 Aug 2022 16:27:13 GMT
server
nginx
etag
"ea5-5e6ff27423f83-gzip"
x-powered-by
PleskLin
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
1342
head_bg.jpg
one.org.ua/image/catalog/ 		118 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://one.org.ua/image/catalog/head_bg.jpg
Requested by
Host: one.org.ua
URL: https://one.org.ua/catalog/view/theme/revolution/stylesheet/stylesheet_min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.39.219 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
plesk2.netexpert.net.ua
Software
nginx / PleskLin
Resource Hash
88e9a486be9a10f89db50bce5780f7a0bc8acf9959bdfc8d42a36452db89c65f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.org.ua/catalog/view/theme/revolution/stylesheet/stylesheet_min.css
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 19:30:58 GMT
content-encoding
br
last-modified
Wed, 24 Aug 2022 16:29:13 GMT
server
nginx
etag
W/"1d76f-5e6ff2e705a42"
x-powered-by
PleskLin
vary
Accept-Encoding, User-Agent
content-type
image/jpeg
Roboto-Regular.woff2
one.org.ua/catalog/view/theme/revolution/stylesheet/fonts/ 		60 KB
61 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://one.org.ua/catalog/view/theme/revolution/stylesheet/fonts/Roboto-Regular.woff2
Requested by
Host: one.org.ua
URL: https://one.org.ua/catalog/view/theme/revolution/stylesheet/stylesheet_min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.39.219 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
plesk2.netexpert.net.ua
Software
nginx / PleskLin
Resource Hash
123f40b3fa1c0351e4431da07696be8b4a30299e5f1387bdbfa4b6bf638e66ce

Request headers

Referer
https://one.org.ua/catalog/view/theme/revolution/stylesheet/stylesheet_min.css
Origin
https://one.org.ua
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 19:30:58 GMT
last-modified
Wed, 24 Aug 2022 16:27:13 GMT
server
nginx
etag
"f128-5e6ff2742f71b"
x-powered-by
PleskLin
vary
User-Agent
content-type
font/woff2
accept-ranges
bytes
content-length
61736
fontawesome-webfont.woff2
one.org.ua/catalog/view/theme/revolution/stylesheet/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://one.org.ua/catalog/view/theme/revolution/stylesheet/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: one.org.ua
URL: https://one.org.ua/catalog/view/theme/revolution/stylesheet/stylesheet_min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.39.219 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
plesk2.netexpert.net.ua
Software
nginx / PleskLin
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://one.org.ua/catalog/view/theme/revolution/stylesheet/stylesheet_min.css
Origin
https://one.org.ua
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 19:30:58 GMT
last-modified
Wed, 24 Aug 2022 16:27:13 GMT
server
nginx
etag
"12d68-5e6ff2742feeb"
x-powered-by
PleskLin
vary
User-Agent
content-type
font/woff2
accept-ranges
bytes
content-length
77160
Roboto-Bold.woff2
one.org.ua/catalog/view/theme/revolution/stylesheet/fonts/ 		60 KB
60 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://one.org.ua/catalog/view/theme/revolution/stylesheet/fonts/Roboto-Bold.woff2
Requested by
Host: one.org.ua
URL: https://one.org.ua/catalog/view/theme/revolution/stylesheet/stylesheet_min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.39.219 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
plesk2.netexpert.net.ua
Software
nginx / PleskLin
Resource Hash
02bae3958b887d3918ea8b80d9076ecb4bd2462747161c82d934a05dc3561067

Request headers

Referer
https://one.org.ua/catalog/view/theme/revolution/stylesheet/stylesheet_min.css
Origin
https://one.org.ua
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 19:30:58 GMT
last-modified
Wed, 24 Aug 2022 16:27:13 GMT
server
nginx
etag
"f074-5e6ff2742f71b"
x-powered-by
PleskLin
vary
User-Agent
content-type
font/woff2
accept-ranges
bytes
content-length
61556
js
www.googletagmanager.com/gtag/ 		250 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-39RRNWC4FB&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-164791728-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:814::2008 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d8f3c8b31d1b284a506fb6a0f3768c950f38ef7ad4907eb42d36bb6c1798ba6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.org.ua/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 19:30:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88070
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 18 Feb 2024 19:30:59 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-164791728-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:804::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.org.ua/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 18 Feb 2024 17:53:13 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5866
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 18 Feb 2024 19:53:13 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 02F0 		335 KB
81 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9150032468278725&output=html&adk=1812271804&adf=3025194257&lmt=1708284659&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fone.org.ua%2F&pra=5&wgl=1&easpi=1&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708284658193&bpp=223&bdt=900&idt=1152&shv=r20240215&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=419734783316&frm=20&pv=2&ga_vid=1003531430.1708284659&ga_sid=1708284659&ga_hid=1794704299&ga_fc=0&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C44785292%2C95324580%2C95325067%2C31081220%2C95322329%2C95320870%2C95324155%2C95324161%2C95324431&oid=2&pvsid=4488315477823659&tmod=443366119&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=1175
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js?bust=31081220
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:812::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a216d7ed0c9208a0ab123ad0148d2d4477f803d93dfc2fc711c1f6d03ba7c3bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://one.org.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
82651
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 18 Feb 2024 19:30:59 GMT
expires
Sun, 18 Feb 2024 19:30:59 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/ 		0
167 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-39RRNWC4FB&gtm=45je42e0v892154654za200&_p=1708284658408&gcd=13l3l3l3l1&npa=0&dma=0&cid=1003531430.1708284659&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1708284659&sct=1&seg=0&dl=https%3A%2F%2Fone.org.ua%2F&dt=%D0%9F%D0%BB%D0%B8%D1%82%D0%BA%D0%B0%20%D1%82%D0%B0%20%D0%A1%D0%B0%D0%BD%D1%82%D0%B5%D1%85%D0%BD%D1%96%D0%BA%D0%B0&en=page_view&_fv=1&_ss=1&tfd=5174
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-39RRNWC4FB&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:804::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.org.ua/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Sun, 18 Feb 2024 19:30:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://one.org.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1794704299&t=pageview&_s=1&dl=https%3A%2F%2Fone.org.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9F%D0%BB%D0%B8%D1%82%D0%BA%D0%B0%20%D1%82%D0%B0%20%D0%A1%D0%B0%D0%BD%D1%82%D0%B5%D1%85%D0%BD%D1%96%D0%BA%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=706746641&gjid=454165864&cid=1003531430.1708284659&tid=UA-164791728-1&_gid=183674204.1708284660&_r=1&gtm=457e42e0za200&gcd=13l3l3l3l1&dma=0&jsscut=1&z=1317072839
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:804::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://one.org.ua/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 18 Feb 2024 19:31:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://one.org.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		7 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-164791728-1&cid=1003531430.1708284659&jid=706746641&gjid=454165864&_gid=183674204.1708284660&_u=YADAAUAAAAAAACAAI~&z=1395638724
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1c::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
350a787a722a405da6e1c1c8de24d50a63726bef3d25e8fb020352e60ef35ee2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://one.org.ua/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 18 Feb 2024 19:31:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://one.org.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ipinfo.io/ 		265 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipinfo.io/
Requested by
Host: one.org.ua
URL: https://one.org.ua/catalog/view/javascript/facebook/cookieconsent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.186.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.186.117.34.bc.googleusercontent.com
Software
nginx/1.24.0 /
Resource Hash
64d175c790da20955f58ef525ad2bf081bf74ae0e0f84f2c2a3b2ae623072072
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://one.org.ua/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 18 Feb 2024 19:31:00 GMT
via
1.1 google
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.24.0
strict-transport-security
max-age=2592000; includeSubDomains
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
265
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240215&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js?bust=31081220
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:811::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6310c4ab7d5bb90ed0edd05bda86886a4fd6d160c9aca89916c5a9db6301ce01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.org.ua/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 19:31:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12489
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/ 		165 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/reactive_library_fy2021.js?bust=31081220
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js?bust=31081220
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:811::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4adc940df4e0674c30c88426d542d6b4e1e781830d4a5dcb7261b119efd032ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.org.ua/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 19:31:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57088
x-xss-protection
0
server
cafe
etag
17642498957987202142
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Feb 2024 19:31:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame DA0A 		844 B
427 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9150032468278725&output=html&h=280&adk=3088186576&adf=1706824535&pi=t.aa~a.3029822808~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1708284660&rafmt=1&to=qs&pwprc=5057293699&format=1200x280&url=https%3A%2F%2Fone.org.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708284660319&bpp=2&bdt=3026&idt=-M&shv=r20240215&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=419734783316&frm=20&pv=1&ga_vid=1003531430.1708284659&ga_sid=1708284659&ga_hid=1794704299&ga_fc=1&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1968&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C44785292%2C95324580%2C95325067%2C31081220%2C95322329%2C95320870%2C95324155%2C95324161%2C95324431&oid=2&pvsid=4488315477823659&tmod=443366119&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=7
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js?bust=31081220
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:812::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
42e2f7841c184c7c3e960ceb591d13e794564ab1f68eb800bbf32a36c21dc3d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://one.org.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
406
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 18 Feb 2024 19:31:00 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 763F 		844 B
427 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9150032468278725&output=html&h=280&adk=2217155248&adf=4008695528&pi=t.aa~a.2367377361~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1708284660&rafmt=1&to=qs&pwprc=5057293699&format=1200x280&url=https%3A%2F%2Fone.org.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708284660319&bpp=1&bdt=3026&idt=1&shv=r20240215&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=419734783316&frm=20&pv=1&ga_vid=1003531430.1708284659&ga_sid=1708284659&ga_hid=1794704299&ga_fc=1&u_tz=780&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1618&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808398%2C44785292%2C95324580%2C95325067%2C31081220%2C95322329%2C95320870%2C95324155%2C95324161%2C95324431&oid=2&pvsid=4488315477823659&tmod=443366119&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=13
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js?bust=31081220
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:812::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba2dd440730d51508abd887109c4b7f8522a5ee68b949570e4ed7e109e91b09c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://one.org.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
406
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 18 Feb 2024 19:31:00 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js?bust=31081220
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.org.ua/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 19:31:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 18 Feb 2024 19:31:01 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/ Frame E72F 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js?bust=31081220
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:812::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://one.org.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language
en-NZ,en;q=0.9

Response headers

age
40310
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 18 Feb 2024 08:19:10 GMT
etag
3890843268177463596
expires
Sun, 03 Mar 2024 08:19:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/ Frame 8328 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_fy2021.js?bust=31081220
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:812::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://one.org.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language
en-NZ,en;q=0.9

Response headers

age
40310
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 18 Feb 2024 08:19:10 GMT
etag
3890843268177463596
expires
Sun, 03 Mar 2024 08:19:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
2606130989604107
connect.facebook.net/signals/config/ 		53 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2606130989604107?v=2.9.147&r=stable&domain=one.org.ua&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f019:116:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0c6fdcdb04af2f95b0ea3e27ec3ef315aa6a25d79cd653fa2213662cc11da706
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.org.ua/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 18 Feb 2024 19:31:00 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
1OmU4OJNVVT3hLqQxTojgUAxHZpy9Oze8u/CavBj5b+VapliWdJFwPU9bSBI0tAQt/Tjc7HqVdGVTBPCEiZXzA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-164791728-1&cid=1003531430.1708284659&jid=706746641&_u=YADAAUAAAAAAACAAI~&z=1146906136
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:814::2004 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.org.ua/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Sun, 18 Feb 2024 19:31:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.nz/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.nz/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-164791728-1&cid=1003531430.1708284659&jid=706746641&_u=YADAAUAAAAAAACAAI~&z=1146906136
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:804::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.org.ua/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Sun, 18 Feb 2024 19:31:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame E72F 		2 KB
880 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:804::200a Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b11d5d358b3753b9e7896ab1b32faafa06b108088b8f026cef635b98704b6fe5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000
date
Sun, 18 Feb 2024 19:31:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Sun, 18 Feb 2024 19:31:01 GMT
more_vert_white_48dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E72F 		233 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/more_vert_white_48dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:80f::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b68d6252e63c5207f080a8969aa75600d5d252f67d454fd9a0a8a7e3e89d0686
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 16 Feb 2024 07:53:18 GMT
x-content-type-options
nosniff
age
214663
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
233
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 15 Feb 2025 07:53:18 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E72F 		205 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:80f::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 16 Feb 2024 08:00:35 GMT
x-content-type-options
nosniff
age
214226
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 15 Feb 2025 08:00:35 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E72F 		604 B
719 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:80f::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 16 Feb 2024 07:41:21 GMT
x-content-type-options
nosniff
age
215380
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 15 Feb 2025 07:41:21 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame E72F 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e33434b042c688fa1972d51e9c103fe592fca7a4dd50358c08449c7b0f5cb4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 08:32:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
39481
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6487
x-xss-protection
0
server
cafe
etag
9214289930287671984
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 03 Mar 2024 08:32:59 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame E72F 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
716b2a35acfc8e6a247c9e4d9e3c32dc2354b3a8a6e6481835a64b783a5ba4a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 08:32:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
39481
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9141
x-xss-protection
0
server
cafe
etag
6041988417631582345
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 03 Mar 2024 08:32:59 GMT
5d115d22c534f80a76417856e32eef9c.js
www.gstatic.com/mysidia/ Frame 8328 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5d115d22c534f80a76417856e32eef9c.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:80f::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04fa628bda6f9b1ab5f71827ce6c71e8c6ad495a3a5a0ed8858c6f5b2f0513ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 16 Feb 2024 07:43:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
215250
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3749
x-xss-protection
0
last-modified
Fri, 16 Feb 2024 00:22:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 16 May 2024 07:43:31 GMT
c3f387cb159af31b8eebdade486bc9f5.js
www.gstatic.com/mysidia/ Frame 8328 		41 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/c3f387cb159af31b8eebdade486bc9f5.js?tag=html5_display_upload/html5_exit_api
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:80f::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
debb082a27a8f82a26f5bed523ccea13e900f5a6b0c8bbb5932ecdfa6faafecd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 16 Feb 2024 07:52:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
214694
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16369
x-xss-protection
0
last-modified
Tue, 13 Feb 2024 01:25:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 16 May 2024 07:52:47 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 8328 		2 KB
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 17:00:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
9054
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 03 Mar 2024 17:00:06 GMT
c558ca21a4741214d4f6a1021ba2ced6.js
www.gstatic.com/mysidia/ Frame 8328 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/c558ca21a4741214d4f6a1021ba2ced6.js?tag=exit_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:80f::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a637295cbf7a378f5b940da61df91245d2834622dd2bdfd6f93352a35d87089
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 16 Feb 2024 07:52:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
214694
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9431
x-xss-protection
0
last-modified
Tue, 13 Feb 2024 01:25:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 16 May 2024 07:52:47 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 8328 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 17:00:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
9054
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8991
x-xss-protection
0
server
cafe
etag
11525033739721728465
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 03 Mar 2024 17:00:06 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 8328 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 16:59:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
9062
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 03 Mar 2024 16:59:58 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 8328 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 16:59:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
9062
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8220
x-xss-protection
0
server
cafe
etag
16176141338659805634
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 03 Mar 2024 16:59:58 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 8328 		204 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:811::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 19:17:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
826
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62824
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 18 Feb 2024 20:17:14 GMT
c0f9635aabdd33ab086e3930fa461563.js
www.gstatic.com/mysidia/ Frame 8328 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:80f::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 16 Feb 2024 07:50:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
214811
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15250
x-xss-protection
0
last-modified
Tue, 13 Feb 2024 01:25:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 16 May 2024 07:50:50 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2606130989604107&ev=PageView&dl=https%3A%2F%2Fone.org.ua%2F&rl=&if=false&ts=1708284661132&sw=1600&sh=1200&v=2.9.147&r=stable&a=exopencart-3.0.3.2-3.1.0&ec=0&o=4126&fbp=fb.2.1708284661131.965516645&ler=empty&cdl=API_unavailable&it=1708284660658&coo=false&exp=e1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f119:8083:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.org.ua/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 18 Feb 2024 19:31:01 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EC0A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://one.org.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
215053
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Feb 2024 07:46:48 GMT
expires
Sat, 15 Feb 2025 07:46:48 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B2EA 		829 B
984 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:814::2004 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
51fcfb35caa01e9f91975f5d2cd43e8dd4d4f01a1e4adc217af6fa3e5209d4b6
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-9UgbIVdM0vQPJch2U9Yvnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://one.org.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'nonce-9UgbIVdM0vQPJch2U9Yvnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 18 Feb 2024 19:31:01 GMT
expires
Sun, 18 Feb 2024 19:31:01 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ Frame 04F7 		6 KB
788 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:804::200a Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
08b1d01987b871819d1c09e50b54292f972e2b27514167555c71f9d29366f88c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000
date
Sun, 18 Feb 2024 19:31:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Sun, 18 Feb 2024 19:31:01 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 04F7 		2 KB
860 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 17:00:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
9055
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 03 Mar 2024 17:00:06 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 04F7 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 17:00:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
9055
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8991
x-xss-protection
0
server
cafe
etag
11525033739721728465
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 03 Mar 2024 17:00:06 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 04F7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 16:59:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
9063
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 03 Mar 2024 16:59:58 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 04F7 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 16:59:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
9063
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8220
x-xss-protection
0
server
cafe
etag
16176141338659805634
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 03 Mar 2024 16:59:58 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 04F7 		204 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:811::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 19:17:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
827
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62824
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 18 Feb 2024 20:17:14 GMT
c0f9635aabdd33ab086e3930fa461563.js
www.gstatic.com/mysidia/ Frame 04F7 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:80f::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 16 Feb 2024 07:50:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
214811
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15250
x-xss-protection
0
last-modified
Tue, 13 Feb 2024 01:25:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 16 May 2024 07:50:50 GMT
Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js
pagead2.googlesyndication.com/bg/ Frame EC0A 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:811::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 16 Feb 2024 07:59:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
214291
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15261
x-xss-protection
0
last-modified
Mon, 12 Feb 2024 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Feb 2025 07:59:30 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17619650906921427031/ Frame CE4C 		56 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17619650906921427031/index.html
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/c3f387cb159af31b8eebdade486bc9f5.js?tag=html5_display_upload/html5_exit_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a90762f4511af3034b2c9a99674b819aa4a87a795ce1b6f7b60ebde72be9994
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
177380
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
16120
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Feb 2024 18:14:41 GMT
expires
Sat, 15 Feb 2025 18:14:41 GMT
last-modified
Mon, 17 Jul 2023 01:37:39 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
truncated
/ Frame 8328 		450 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8cb77af6aea6ea49d03d497ff5e1dce37fc1deaa77a70e218b8df4eba12b71d3

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/png
/
www.googleadservices.com/pagead/ar-adview/ Frame 8328
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CEJZb81rSZd2kHPXP9fwP86ag4Aukk8z1deTP8tX_EWQQASD85PCVAWCr7LGF4BigAYOjps0DyAEJqQKsrKWI3IykPqgDAcgDSKoE6QFP0PoA3GZy6hwk3xCz2VC6tWVPk--uGvZBk8yT3rL...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xfb9d4b4f0a2a8cb90000000000000000%22,%222%22:%220x3e9b940d03d8271c0000000000000000%22,%223%22:%220x511aa6...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xfb9d4b4f0a2a8cb90000000000000000%22,%222%22:%220x3e9b940d03d8271c0000000000000000%22,%223%22:%220x511aa679ca45b8d00000000000000000%22,%224%22:%220x6352147fe66b145f0000000000000000%22,%225%22:%220x59d479da31a3e8ca0000000000000000%22},%22debug_key%22:%2217457283614874478117%22,%22debug_reporting%22:true,%22destination%22:%22https://continentalcars.co.nz%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22967414147%22],%2222%22:[%22true%22],%224%22:[%2202-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217422041541528886881%22}&andc=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 19:31:02 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0xfb9d4b4f0a2a8cb90000000000000000","2":"0x3e9b940d03d8271c0000000000000000","3":"0x511aa679ca45b8d00000000000000000","4":"0x6352147fe66b145f0000000000000000","5":"0x59d479da31a3e8ca0000000000000000"},"debug_key":"17457283614874478117","debug_reporting":true,"destination":"https://continentalcars.co.nz","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["967414147"],"22":["true"],"4":["02-18"],"6":["true"]},"priority":"500","source_event_id":"17422041541528886881"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 18 Feb 2024 19:31:02 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 18 Feb 2024 19:31:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xfb9d4b4f0a2a8cb90000000000000000","2":"0x3e9b940d03d8271c0000000000000000","3":"0x511aa679ca45b8d00000000000000000","4":"0x6352147fe66b145f0000000000000000","5":"0x59d479da31a3e8ca0000000000000000"},"debug_key":"17457283614874478117","debug_reporting":true,"destination":"https://continentalcars.co.nz","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["967414147"],"22":["true"],"4":["02-18"],"6":["true"]},"priority":"500","source_event_id":"17422041541528886881"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame B2EA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240215&jk=4488315477823659&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:811::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame CE4C 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17619650906921427031/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17619650906921427031/index.html
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 07:40:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
42632
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5660
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 19 Feb 2024 07:40:29 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame CE4C 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17619650906921427031/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9412328c893fb4c6709628ccd2abe0fb40ac5479f67a4fc9811f9626971ab543
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17619650906921427031/index.html
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 18:57:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
2035
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13986
x-xss-protection
0
server
cafe
etag
13700676731869450326
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 19 Feb 2024 18:57:06 GMT
generate_204
tpc.googlesyndication.com/ Frame EC0A 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?488I-Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Feb 2024 19:31:01 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
O0fxLlxGdVrwDA1P0v8IbiijzEhqz-qxiFTNg42x2Ow.js
pagead2.googlesyndication.com/bg/ Frame E7A1 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/O0fxLlxGdVrwDA1P0v8IbiijzEhqz-qxiFTNg42x2Ow.js
Requested by
Host: one.org.ua
URL: https://one.org.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:811::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b47f12e5c46755af00c0d4fd2ff086e28a3cc486acfeab18854cd838db1d8ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 16 Feb 2024 07:39:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
215511
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19867
x-xss-protection
0
last-modified
Mon, 12 Feb 2024 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Feb 2025 07:39:10 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xfb9d4b4f0a2a8cb90000000000000000%22,%222%22:%220x3e9b940d03d8271c0000000000000000%22,%223%22:%220x511aa679ca45b8d00000000000000000%22,%224%22:%220x6352147fe66b145f0000000000000000%22,%225%22:%220x59d479da31a3e8ca0000000000000000%22},%22debug_key%22:%2217457283614874478117%22,%22debug_reporting%22:true,%22destination%22:%22https://continentalcars.co.nz%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22967414147%22],%2222%22:[%22true%22],%224%22:[%2202-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217422041541528886881%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 18 Feb 2024 19:31:02 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
O0fxLlxGdVrwDA1P0v8IbiijzEhqz-qxiFTNg42x2Ow.js
pagead2.googlesyndication.com/bg/ Frame B5FB 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/O0fxLlxGdVrwDA1P0v8IbiijzEhqz-qxiFTNg42x2Ow.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:811::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b47f12e5c46755af00c0d4fd2ff086e28a3cc486acfeab18854cd838db1d8ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 16 Feb 2024 07:39:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
215511
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19867
x-xss-protection
0
last-modified
Mon, 12 Feb 2024 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Feb 2025 07:39:10 GMT
O0fxLlxGdVrwDA1P0v8IbiijzEhqz-qxiFTNg42x2Ow.js
pagead2.googlesyndication.com/bg/ Frame CE4C 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/O0fxLlxGdVrwDA1P0v8IbiijzEhqz-qxiFTNg42x2Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:811::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b47f12e5c46755af00c0d4fd2ff086e28a3cc486acfeab18854cd838db1d8ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 16 Feb 2024 07:39:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
215511
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19867
x-xss-protection
0
last-modified
Mon, 12 Feb 2024 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Feb 2025 07:39:10 GMT
CC_Tyre_MAY_Need_Tyres__EMEC_GND_728x90.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17619650906921427031/ Frame CE4C 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17619650906921427031/CC_Tyre_MAY_Need_Tyres__EMEC_GND_728x90.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
379652ce9039d49e1dbd758716e9375dcaa3d230c60a7f72567e61c6e039e7cd
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17619650906921427031/index.html
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

expires
Sat, 15 Feb 2025 12:49:50 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 16 Feb 2024 12:49:50 GMT
x-content-type-options
nosniff
age
196871
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14924
x-xss-protection
0
last-modified
Mon, 17 Jul 2023 01:37:39 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240215&jk=4488315477823659&bg=!XF-lXxDNAAZN4L4YbeA7ADQBe5WfOGTtB3W0FkazeEzaaKkHlyT5QSfIG3lplLP6JyXKNF08m__sA6oBbJ_zps6chPRlAgAAAElSAAAAAmgBB5kCr0bjBwwgCTCXe02_LOyCKgj1EppVkgLxwgxdCYNxhfZJTsZLf5qufHWXmYW3D2xVpzCa1zn7JJ7fbRP-v3cLHMUQDCTj1d36glLCC2tGnoJADlRbvtC6L5WbxkGBBoJZJmgGGiuI2kNFZPzHGJRho-wA732HNoDBtoOuR1YWgqqltf0fGcFCEMpqHLg7SEbsBk2y39EookvY-0M5wulgxJt2N6T_4_bEaUKtN78eAkVQ0RctsEjujBP3TqZEc0CfW0031zhKS6GkxQFoISk2K-jOkFc0GBqRDimqtOVLn47fryk9eYMcR8x1juyLDXNP8FeAVZY9YqKDv-xERZNL9WO3Dbjlh5DEs43eMlOddAHU8QIWeBv2uq_VhvDn2cOCPQgedcIB4UK1Jhfwuavbq0o1xYWUmarHNl4OVvCyQpu0nx1ob1M5-kj14DJMwZfFf45PhT3IyOf1HLo3aezqYmN_kQk0K_uS_g5HWN-HPj5zPZ2XIIwhQJpAQtvdEkQhpGiwSQoiIe3hP9ReJ8-kYNVl02i2KrNcPQBndTmaaFxHH5kJnJkpgVI5-HvavMrloICaahFPxHz3eJtnnUaa4_ROw9cGo2FxqYJjtyZoSz87nP_gJN2s9U0US6cHSeX2KLKTH9zWj18aIJzQWO07kdKsVDgC2F6gN-4ekZkjfn7gnHIZopipsswhfaxCvt8LauqnAUlLNj6RlKy8hVjx3ijrfIv2LlYCaRrohqMJSvHsX3Y9LkQMTOALM3_B05XSoitf1yDr6U753no8r9l1gBp519SQxWtaIinecwostclw_uVzZu_8n7wW7PYI7dvUJ8OJA5q1jVUjYpP7Kv2J91Rd8cq9qj6B7znWs9iGXMhegb4ar7mVVLClv72PjEpXQvTOWYPgHEzDVHa2HXZWoQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:811::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one.org.ua/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 8328 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvzEAZbvOaEog82XyOogwD4qxv1a5Tlk11BieYk76mOeAzlXhj78V1kRYthswxywF4RQFckvd8aKK4Hwo0-ecZZSHXs_P9KLsilg50PzmFiJasHvxo1UqSnxQgsvOxY391DXo5r1GpQzibW6phdxMhJFYM3UkfQds52BnCLKpKSfuYxyHbeTuUwQBoRXw&sai=AMfl-YRmy8AKwqCNYR3rz4ZSLuebR_xhvfN4D8Rws3dkIyq37JB4970vGUrnqqvX1bNGXbgeUUOc53GQ9Ol8ttbLLw7zO99gF5foKjYBYD5BqPZCxXuPokzNPwbqeI8qADdAROVPz7M12tjw-lbxRfj5&sig=Cg0ArKJSzKrO-aexp9H5EAE&cid=CAQSTgAvHhf_ShFKpYbWLCLhsOgGyYVCTQMVIxYNzn4N47MWIZO3jwYOHfrmQFmamcF_FxN8FY-bzpy4SzG6wyCmTr9Got03nZ01RYmVHLdBuhgB&id=lidar2&mcvt=1000&p=0,0,123.98565673828125,1005&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=0.93&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=421746100&rst=1708284660601&rpt=979&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4006:811::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Sun, 18 Feb 2024 19:31:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state number| google_rum_task_id_counter string| google_user_agent_client_hint function| $ function| jQuery function| max_height_div function| gtag object| dataLayer number| isFacebookPixelInHeaderAdded number| isFacebookPixelAdded function| facebook_loadScript function| fbq function| _fbq string| pixel_script_filename function| google_spfd number| google_unique_id object| google_sv_map object| defaults undefined| global_menu2_button function| autocol_cats undefined| global_cart_button function| masked function| cart_update function| update_cart_manual function| validate_pole_cart number| isFacebookCustomerChatInHeaderAdded number| isFacebookCustomerChatAdded function| get_revpopup_cart_quantity_sliderplast function| validate_pole_sliderplast function| update_quantity_sliderplast function| update_prices_product_sliderplast function| price_format function| weight_format function| number_format number| product_grid_width function| getURLVar object| cart object| voucher object| wishlist object| compare function| list_view function| grid_view function| price_view number| win_shopcart number| win_shopcart2 function| podgon_fona function| toggle_ellipses function| scrollToTop function| get_revpopup_notification function| get_revpopup_phone function| get_revpopup_view function| get_revpopup_purchase function| get_revpopup_cartquick function| get_revpopup_cart function| get_revpopup_cart_option function| get_revpopup_login function| get_revpopup_predzakaz object| NProgress number| cols string| menuNamespace object| google_tag_manager string| GoogleAnalyticsObject function| ga function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| onYouTubeIframeAPIReady object| _facebookAdsExtension object| cookieconsent object| gaplugins object| gaData object| google_llp object| GoogleGcLKhOms object| googletag object| google_image_requests

14 Cookies

Domain/Path Name / Value
one.org.ua/ Name: OCSESSID
Value: 75288427ef38464df0b50a90b5
.one.org.ua/ Name: language
Value: uk-ua
.one.org.ua/ Name: currency
Value: UAH
.one.org.ua/ Name: _ga_39RRNWC4FB
Value: GS1.1.1708284659.1.0.1708284659.0.0.0
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.one.org.ua/ Name: _ga
Value: GA1.3.1003531430.1708284659
.one.org.ua/ Name: _gid
Value: GA1.3.183674204.1708284660
.one.org.ua/ Name: _gat_gtag_UA_164791728_1
Value: 1
one.org.ua/ Name: fb_cookieconsent_status
Value: dismiss
.one.org.ua/ Name: __gads
Value: ID=7190d76642f95c19:T=1708284660:RT=1708284660:S=ALNI_MawvG7I3deV3_9NH5QZT8kbpLpZkw
.one.org.ua/ Name: __gpi
Value: UID=00000d09d389f30e:T=1708284660:RT=1708284660:S=ALNI_MZJCMuymYSwy2KGuOviGgGcecH-Kw
.one.org.ua/ Name: __eoi
Value: ID=261bd13b501fb515:T=1708284660:RT=1708284660:S=AA-Afja6GScNRPGttehIQ9m5tGOP
.one.org.ua/ Name: _fbp
Value: fb.2.1708284661131.965516645
.googleadservices.com/ Name: ar_debug
Value: 1

9 Console Messages

Source Level URL
Text
other warning URL: https://one.org.ua/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://one.org.ua/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://one.org.ua/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://one.org.ua/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://one.org.ua/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://one.org.ua/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/2606130989604107?v=2.9.147&r=stable&domain=one.org.ua&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 95)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://one.org.ua/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://one.org.ua/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
fonts.googleapis.com
googleads.g.doubleclick.net
ipinfo.io
one.org.ua
pagead2.googlesyndication.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.co.nz
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
116.202.39.219
142.251.221.66
2404:6800:4003:c1c::9d
2404:6800:4006:804::2001
2404:6800:4006:804::2003
2404:6800:4006:804::200a
2404:6800:4006:804::200e
2404:6800:4006:80f::2003
2404:6800:4006:811::2002
2404:6800:4006:812::2002
2404:6800:4006:814::2004
2404:6800:4006:814::2008
2a03:2880:f019:116:face:b00c:0:3
2a03:2880:f119:8083:face:b00c:0:25de
34.117.186.192
02bae3958b887d3918ea8b80d9076ecb4bd2462747161c82d934a05dc3561067
0381c326f81462b9054be596871e6c87336aeb3968aa862a8534b7308869f6f8
04fa628bda6f9b1ab5f71827ce6c71e8c6ad495a3a5a0ed8858c6f5b2f0513ff
08b1d01987b871819d1c09e50b54292f972e2b27514167555c71f9d29366f88c
0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247
0c6fdcdb04af2f95b0ea3e27ec3ef315aa6a25d79cd653fa2213662cc11da706
0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09
0e33434b042c688fa1972d51e9c103fe592fca7a4dd50358c08449c7b0f5cb4c
0e8f9af2767d64eb278a50de5eccb08e58f334d514fc06a0b6b6ddbefa131aaa
123f40b3fa1c0351e4431da07696be8b4a30299e5f1387bdbfa4b6bf638e66ce
215195e524b9d98aec49a3604a13e2cb921e5d175fc6ae2ebedb91d499276d29
243e59bda40b81e92ec211082ba272d30b09b0d115c0e3f150c3f2f2e5d83961
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
2764eb52b06165789e33a2815fb72833341183ff0e611d0a9a8201e15cd83f30
288ae0b3ed809ca2bd87afddaed4a6979c187c9754720209c368816bf177c29f
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
350a787a722a405da6e1c1c8de24d50a63726bef3d25e8fb020352e60ef35ee2
379652ce9039d49e1dbd758716e9375dcaa3d230c60a7f72567e61c6e039e7cd
3b47f12e5c46755af00c0d4fd2ff086e28a3cc486acfeab18854cd838db1d8ec
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
41fd13404732a840faa0cd8ec1844eb8201917032db2759629b2f1ec114b7a88
42e2f7841c184c7c3e960ceb591d13e794564ab1f68eb800bbf32a36c21dc3d4
47aff2dd89a5887f7b6a0fe9a47821a36faa35c94699233c74677164908a90e2
47ec03309bc3ac5a016afd1066a62d246d067033841dc90dd3629b998515ddce
4aacdc4f5d7f4fc5c4dcc5d0e373ee932168d1b84095e705f716e7857fa9e3bf
4adc940df4e0674c30c88426d542d6b4e1e781830d4a5dcb7261b119efd032ca
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
51fcfb35caa01e9f91975f5d2cd43e8dd4d4f01a1e4adc217af6fa3e5209d4b6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a19e41b7671bc58bb2d67c85d7f9947b0ffa954e82fb38adfecc987ec11f2fc
5a90762f4511af3034b2c9a99674b819aa4a87a795ce1b6f7b60ebde72be9994
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5ffea64105b36ba687f8930535939aec8e5bc34c3c30521d4dc04089bf3a826c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6310c4ab7d5bb90ed0edd05bda86886a4fd6d160c9aca89916c5a9db6301ce01
64d175c790da20955f58ef525ad2bf081bf74ae0e0f84f2c2a3b2ae623072072
660b2ff5d9389f53d908743dcb3645aaae734b006459f69d6c1f17adf7960f23
716b2a35acfc8e6a247c9e4d9e3c32dc2354b3a8a6e6481835a64b783a5ba4a3
72936e20c1f1ca49f0b35b4acab593fe62f5acfb46220f03c2441e2ac17b1033
741d3c6c9f34e9af2a9d533bf0fe847365cb12d448d5925570fe3bdc99240932
79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3
80df099b0f32a3b3b9f4938718bc45d9dfcdb3b9ba64fa63cdf87359f325fd14
8153a89b1c14f5f0a593198a38d3666d82fcb2b3b2ee7758d711ce28ea84ae1b
841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
88e9a486be9a10f89db50bce5780f7a0bc8acf9959bdfc8d42a36452db89c65f
8b77fa885830bdff9dc85317d246b9294830b5760fb461a7842222c0496cde3b
8cb77af6aea6ea49d03d497ff5e1dce37fc1deaa77a70e218b8df4eba12b71d3
8ce31ae4258be24b3650160a4a92f164946db56ae44391fef139b9bf970d716f
9412328c893fb4c6709628ccd2abe0fb40ac5479f67a4fc9811f9626971ab543
9a637295cbf7a378f5b940da61df91245d2834622dd2bdfd6f93352a35d87089
9b9f0b1c6257c531b8e5050bddf217a4fed579d15cb8620891a860e68bfd9d0f
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9c2d49cd7f94976b091a9b20f1058aa2e4eb3901d11b2199fe3cff61bb6c823f
9f061684333e5e30950452180b629c3ac018acf73ff34ebdf6afec73399c1224
a216d7ed0c9208a0ab123ad0148d2d4477f803d93dfc2fc711c1f6d03ba7c3bc
b11d5d358b3753b9e7896ab1b32faafa06b108088b8f026cef635b98704b6fe5
b68d6252e63c5207f080a8969aa75600d5d252f67d454fd9a0a8a7e3e89d0686
ba2dd440730d51508abd887109c4b7f8522a5ee68b949570e4ed7e109e91b09c
bcfae6d71bfbbf638899b4a680e9c0e1aa0111d4877cd7b67d03196e8fa16587
bdfe1b9bed7fd0fe71122ff6ed06c74184342c50ce96e494bf3403ee609ab486
cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70
d8f3c8b31d1b284a506fb6a0f3768c950f38ef7ad4907eb42d36bb6c1798ba6b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
debb082a27a8f82a26f5bed523ccea13e900f5a6b0c8bbb5932ecdfa6faafecd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e77a22081053ccc02fb75ec209f6b8b6d3fe4a326470a49c0f980fcf8d7d5972
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef786e44161beaa956b86a34a98e75443097cf34c504b68410b78ec8f1c7ce63
f986677a0a669f5623835758585c87696378251756521cdfa4182b746a2c68ea